homeTech

Anthem Insurance Hacking News: Firm Hit By Huge Data Heist; Chinese Hackers Seen As Culprits

The office building of health insurer Anthem is seen in Los Angeles, California, on Feb. 5, 2015. | REUTERS/Gus Ruelas

Anthem Inc., the second largest health insurance company in the U.S., fell victim to a huge hacking attack on Wednesday in which over 80 million customer records were stolen in what is considered as the biggest data theft in the insurance industry.

Evidence showed that a group of hackers based in China carried out the attack, according to the latest reports.

Among the data stolen from the computer system of Anthem were the names, date of births, home addresses, social security numbers and other personal information of its customers and employees. The company was quick to point out, however, that the medical records of its customers were not touched.

Following the data theft, Anthem issued a statement that alerted former and current members that a "phishing" email scam was going around. People who received the email as part of the scam were pointed towards a link in the email asking them to click on it so that they could sign up for monitoring of their credit. The email also appeared as if it was a genuine version sent from the company.

Anthem informed people not to click on any link in the email, provide any personal information and download any file. The company also stated that it would not call its customers for credit card information or any other personal information, and instead will contact them through mail delivered by the U.S. Postal Service. After being contacted via mail, customers will be able to avail themselves of free credit monitoring, Anthem said.

Cindy Wakefield, a spokesperson for Anthem, said the company did nothing wrong by not encrypting the data that was lying in the warehouse as it was standard policy, adding that the data is only encrypted when being moved.

Wakefield said the data was unencrypted when in their warehouse as employees had to run reports on it frequently. Reports said the hackers stole employee credentials used to access data and then carried out the attack.