If 2015 Is the Year of the Healthcare Breach, This Could Be Its “Anthem”…And ThreatMetrix Predicted It

Posted February 6, 2015

ThreatMetrix Warned of Healthcare System’s Vulnerability. Hack of Anthem, U.S.’s Second Largest Insurer, Proves ThreatMetrix Correct

Alisdair Faulkner, chief products officer at ThreatMetrix®, came right to the point when he predicted in a news release last year that “insurance, healthcare and pharmacies will be new focuses for fraudsters. As healthcare information makes the shift electronically via the Health Insurance Portability and Accountability Act (HIPAA), fraudsters will find ways through its security holes to commit healthcare fraud and steal personal information.”

While ThreatMetrix warned about the healthcare industry becoming a prime target of cybercrime, the Anthem breach came as a loud wakeup call with hackers gaining access to the private data of 80 million former and current members and employees of the nation’s number two healthcare company. While the breach did not involve healthcare records or credit care numbers, it did expose Social Security numbers, income data, birthdays, and street and e-mail addresses — in short, everything cybercriminals need to pull off identity theft on a grand scale.

In a washingtonpost.com story, Drew Harwell and Ellen Nakashima explored many aspects of the breach. The following has been excerpted from their piece and edited to fit our format. You may find the full article by clicking on this link.

China?

Investigators suspect Chinese hackers may be responsible for the breach, according to a person briefed on some aspects of the probe. There are also some indications that other health-care companies may have been targeted, said the individual, who spoke on the condition of anonymity to discuss the ongoing investigation.

“The more information the Chinese have about large segments of the American population, the easier it is for them to penetrate our military and intelligence agencies,” said Joel Brenner, a former top U.S. counterintelligence official. “They then have the health-care information, the fingerprints and the real names of an enormous set of people, many of whom are prime recruits for our intelligence services or our military or who are already in our military. It’s an enormous advantage in penetrating cover.”

Healthcare a ripe target

Security experts said health care has become one of the ripest targets for hackers because of its vast stores of lucrative financial and medical information. Health insurers and hospitals, they added, have often struggled to mount the kinds of defenses­ used by large financial or retail companies, leaving key medical information vulnerable.

Industry unprepared

The massive computer breach against Anthem, the nation’s second-largest health insurer, exposes a growing cyberthreat facing health-care companies that experts say are often unprepared for large attacks.

Invaluable on the black market

[The] breach underlines the worrying potential for hackers to steal private health data that is valued on the black market as tools for extortion, fraud or identity theft. Medical information could be exploited, for example, to file false insurance claims and buy prescription drugs, and attackers could extort cash from policyholders desperate to keep their private medical data under wraps.

Big bucks

A set of complete health insurance credentials sold for $20 on underground markets in 2013 — 10 to 20 times the price of a U.S. credit card number with a security code, according to Dell ­SecureWorks.

Worse than stolen credit cards

“Health-care records are the new credit cards,” said Ben Johnson, chief security strategist at cybersecurity firm Bit9 + Carbon Black. “If someone gets your credit card number, you cancel it. If you have HIV, and that gets out, there’s no getting that back.”

Preparing for another attack?

That the employee data was stolen in the Anthem hack could indicate that hackers might be preparing for another attack, which would allow them to access internal systems that they were otherwise unable to reach, said Tom DeSot, an executive at the cybersecurity firm Digital Defense.

ThreatMetrix

ThreatMetrix

close btn