New Anthem Inc. hack disclosed; KnowBe4 issues alert and warning to customers to watch out for the inevitable spate of phishing attempts that is likely to follow
(Tampa Bay, FL) Feb 5, 2015--Late Wednesday, both the Wall Street Journal and cyber security blogger Brian Krebs reported Anthem Inc., the nation’s second largest health insurer disclosed that hackers had broken into its servers and stolen Social Security numbers and other personal data. The WSJ said this could be up to 80 million records which makes this one of the largest hacks in Healthcare.
Stu Sjouwerman, CEO of KnowBe4 said, “What is new about this attack is that Anthem discovered it themselves, and decided to report it early. We can expect to see a flood of phishing emails disguised as notifications from Anthem. HR, Finance are likely targets along with consumers. Don’t open anything suspicious. Anthem is being very smart about notification in writing as opposed to email notifications.”
Anthem said that the company was the target of a “very sophisticated external cyber attack” that exposed names, dates of birth, member ID/ Social Security numbers, addresses, phone numbers, email addresses and employment information. The company stressed that the exposed data did not include medical records or financial information.
Anthem published a statement that they are working around the clock to determine how many people have been impacted and will notify all Anthem members who are impacted through a written communication.
Sjouwerman noted, “It is not clear how the bad guys got in, but this smells of a spear phishing attack by eastern European cyber mafia followed by data exfiltration, pretty much social engineering business as usual for them. It is important actions are taken to step users through thorough and effective security awareness training to prevent a data breach disaster like this.”
For more information on KnowBe4 or Kevin Mitnick Security Awareness Training, visit:
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.
About Kevin Mitnick
Kevin Mitnick is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecommunications devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and speaker, and has authored three books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC.