Investigators looking into Anthem Inc.’s data breach are seeing evidence that is pointing to China and “Deep Panda”
In an exclusive report by Michael A. Reilly and Jordon Robertson of Bloomberg Business, state-sponsored Chinese hackers are said to be responsible for one of the largest thefts of medical-related customer data.
Anthem, based in Indianapolis and formerly known as WellPoint may have detected one of the largest data breeches in history with a believed 80 million people having their Social Security numbers and other sensitive details stolen.
While China has repeatedly claimed that it doesn’t conduct espionage through hacking, that remains nothing short of dubious or dishonest in the eyes of security specialists as well as foreign governments’ cyber-security agencies.
Anthem discovered the breach
Unlike the Target, Home Depot, JPMorgan no financial information seems to have been breached. Additionally, a system’s administrator was the first to notice the attack rather than outside security companies. Once the hack was noticed, Anthem went public nearly immediately despite the fact that they could have waited up to 60 days.
A spokesman for the FBI said the agency is “aware of the Anthem intrusion and is investigating the matter” while crediting the company for its “initial response in promptly notifying the FBI after observing suspicious network activity.”
With Social Security numbers, birth dates, and e-mail addresses, experts warn that this information could be used to conduct “phishing” attacks. Government officials also warn that financial, medical and personal information could be used by foreign governments to leverage individuals who would rather have their information remain private.
Potential intelligence/espionage uses?
The writers at BloombergBusiness spoke with Adam Meyers, vice president of intelligence at cybersecurity firm Crowdstrike who echoed these sentiments.
“This goes well beyond trying to access health-care records,” Meyers told Bloomberg. “If you have a rich database of proclivities, health concerns and other personal information, it looks, from a Chinese intelligence perspective, as a way to augment human collection.”
While it is certainly to early to be certain, the three sources speaking to Bloomberg whom are familiar with the investigation remain convinced that there are sufficient “fingerprints” to begin pointing fingers.