Health insurance giant Anthem Inc. has confirmed the company has been hacked, and, according an FBI investigation, the attack is likely to have been “massive.”
Company spokesperson Kristin Binns exclaimed in a statement:
Cyber attackers executed a very sophisticated attack to gain unauthorized access to one of Anthem’s IT systems and have obtained personal information relating to consumers and Anthem employees who are currently covered, or who have received coverage in the past.
Anthem claims a database of some 80 million records have been hacked, but is keeping its fingers crossed that fewer individuals will be affected than that.
So far, they really have no idea.
FBI spokesperson Paul Bresson told NBC News late in the day, Wednesday:
Anthem’s initial response in promptly notifying the FBI after observing suspicious network activity is a model for other companies and organizations facing similar circumstances. Speed matters when notifying law enforcement of an intrusion, as cyber criminals can quickly destroy critical evidence needed to identify those responsible.
Anthem’s Binns also stated information that may have been acquired by the unidentified hackers includes names, birth dates, Social Security numbers, home addresses, email addresses, even information regarding employment, such as income.
Binns also claimed:
No credit card banking or financial information was compromised, nor is there evidence at this time that medical information such as claims, test results, or diagnostic codes were targeted or obtained.
Note that Binns stated that there is simply no “evidence” that medical information had been accessed.
Anthem provides service to clients in 14 states around the country, including such large states as New York and California.
Binns also stated:
As soon as we learned about the attack, we immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation.
Binns added that Anthem has hired leading cybersecurity firm Mandiant in order “to evaluate our systems and identify solutions.”
Chairman of the Committee on Homeland Security, U.S. Michael McCaul (R-Texas), issued a statement in the wake of the Anthem hack, stating the case highlights exactly why the nation needs tougher cybersecurity laws.
This attack is another reminder of the persistent threats we face, and the need for Congress to take aggressive action to remove legal barriers for sharing cyber threat information. I will lead this effort with other committees in the house and senate to ensure we move forward with greatly needed cybersecurity legislation as soon as possible.