Anthem Data Wasn’t Encrypted, But It Might Not Have Mattered
Since the Anthem attackers reportedly used an administrator password, encryption probably wouldn’t have made a difference.
Health insurer Anthem says its compromised database of customer information wasn’t encrypted.
The Anthem attack is thought to have compromised identifying information — including names, addresses, employment data and social security numbers — for as many as 80 million Anthem employees and customers. (Video via Anthem)
Anthem executive Thomas Miller told The New York Times the insurer “had doubled its investment in this area over the last four years and was actively considering encrypting its internal database as well as taking other steps to improve its security.”
But it hadn’t locked down the database yet: in part because it’s not required by law to do so.
The Health Insurance Portability and Accountability Act, or HIPAA, recommends — but does not require — insurers encrypt their data if they think it will cut down on the risk of theft.
Anthem was trying to balance protection and usability, one insider told The Wall Street Journal.
“Scrambling the data could have made it less valuable to hackers or harder to access in bulk. It also would have made it harder for Anthem employees to track health care trends or share data with states and health providers.”
But there’s some evidence encryption wouldn’t have helped protect anything. Anthem officials say whoever hacked into their database used a stolen administrator password.
This means as far as the computer was concerned, it was legitimate access and there was no need for extra security.
Now, of course, Anthem says it’s working to patch that fault in its security process. The insurer says it will also contact current and former customers with instructions for enrolling in credit and identity protection services.
This video includes images from Getty Images.
Starbucks’ new CEO says he’ll work as a barista once a month
The executive says his barista training helped him understand what works well, and where they need to improve.
Hair discrimination is a problem in the workplace, study says
A new study shows more than 20% of Black women ages 25 to 34 have been sent home from work because of their hair.
Report: Gen Z accumulating debt faster than other generations
Generation Z had, on average, more than $16,000 of debt at the end of of 2022. That's an increase of 3% from earlier in the year.
Texas police: Migrants found 'suffocating' in train; 2 dead
Migrants routinely travel through Uvalde, Texas, where the migrants were stopped, often leading to high-speed vehicle pursuits.
Pennsylvania chocolate plant blast kills 2, leaves 9 missing
Some residents were displaced from a neighboring apartment building that was damaged in the explosion.
Trump rallying supporters in Waco ahead of possible charges
The rally comes as Trump has berated prosecutors, encouraged protests and raised the prospect of possible violence should he be criminally charged.