Anthem Medicare Patients Hit with Breach

Written by

Just days after being ordered to pay $115 million in a settlement over the 2015 data breach that affected nearly 80 million Americans, Anthem has been hit again.

Medicare patients on its insurance roster may be affected by identity theft, thanks to a potentially malicious employee at a third-party company that provides insurance coordination for the health care giant.

That third party, LaunchPoint Ventures, said in a statement that it discovered the employee’s activities in April; the employee in question emailed a file with information about Anthem companies’ members to his personal email address on July 8, 2016. It included the protected health information (PHI) of various members, including Social Security Numbers, Health Plan ID numbers (HCID), Medicare contract numbers, ID numbers and dates of enrollment, and in some cases, last names and dates of birth were also included.

It’s unclear how many consumers are affected.

After hiring a forensics team, it also learned that some other, non-Anthem data may also have been misused by the employee.

The employee has been incarcerated and is under investigation by law enforcement for matters unrelated to the emailed Anthem file, it added. Even so, LaunchPoint said that it doesn’t know yet if the email was related to a legitimate work purpose, or whether the information was used for nefarious purposes.

“Collaboration and the use of third-party contractors are necessary, but we have seen them be the weak link in a number of recent high-profile breaches,” said Vishal Gupta, CEO of Seclore, via email. “The problem lies in that organizations typically focus on protecting the perimeter. While this is important, security can’t stop there—what happens if the bad guy is already inside the network, or when the data travels outside the organization?”

He added, “This is a perfect example of why data itself is the new perimeter, and IT teams need to focus on securing the actual information, as opposed to the hardware that stores it. Taking a data-centric approach to security is a necessary last line of defense when all other security measures fail.”

What’s hot on Infosecurity Magazine?