Anthem Data Breach: Data Not Encrypted

computersecurity3This week health insurance company Anthem was the victim of an extensive data breach that compromised the data of millions of their current and former employees and customers.  It has come to light that the particular data that was stolen (names, addresses, social security numbers, etc) was not encrypted.  The reason?  It’s not specifically required.  According to HIPPA, companies are not specifically required to encrypt this type of data.  They are merely given a guideline to do it at their own discretion.

It’s said that encrypting the data wouldn’t have prevented the data from being stolen, however, as the data was obtained after the hackers bypassed the security credentials.  “Anthem’s database was accessed after bypassing our security protocols,” an Anthem spokesperson told CNet.com. “Because an administrator’s credentials were compromised, additional encryption would not have thwarted the attack.”

Where does this leave Anthem?  They have already patched the breach and hired the FBI as well as Mandiant security to help them with the forensic analysis, and some early reports are even pointing at state-sponsored hackers originating in China.  However, this is another high profile data breach that points to the ever increasing importance of data security by major companies.

American companies really need to step it up as they are increasingly becoming the target of foreign hackers looking to prey specifically on Americans.  It will be interesting to see how the government responds as well, seeing as how some of these attacks have been state sponsored by certain countries.  It’s becoming more and more difficult to stay one step ahead of hackers, who seem to have nothing better to do than to figure out how to bypass the ever increasing security measures.  What’s even more a threat is the coming age of quantum computing, which would render today’s encryption standards obsolete.

 

About the Author

Roger Feinstein has grown up with computers his entire life and strives to help others understand what goes on behind the scenes in their PCs. He's been writing tech articles for websites for over 5 years.

Leave a Reply




If you want a picture to show with your comment, go get a Gravatar.