Companies are attacked an average of 16,856 times a year, with many resulting in data breaches, according to International Business Machines Corporation. With today’s data moving freely between corporate networks, the trend is rapidly accelerating.
Based on the current facts, there is no evidence that credit card or medical information was targeted or compromised from the attack, according to a press release from Anthem President and CEO Joseph Swedish.
“These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/Social Security numbers, street addresses, email addresses and employment information, including income data,” he said in the press release.
Swedish also said that as soon as the cyber attack was discovered, Anthem made every effort to close the security vulnerability, as well as contact the FBI, who began to fully cooperate with Anthem’s investigation. He also said they got in touch with Mandiant, one of the world’s leading cyber-security firms to evaluate their systems and identify solutions based on the evolving landscape.
According to a press release from IU Associate Vice President of Human Resources John Whelan, although there is no indication that the cyber attack directly affected IU employees, Anthem still notified IU of the potential risk.
“We are working closely with Anthem and remain in frequent contact with them to understand the extent of the breach and how it might affect IU employees,” he said in the release. “University Human Resources will continue to monitor and communicate new information as it becomes available.”
The IU human resources department has uploaded files to its university page that include an FAQ section about the incident as well as tips on how to minimize the risk of identity theft. Some of the tips include always monitoring credit and existing accounts, setting a credit freeze, getting three annual credit reports and being aware of phishing, a type of cyber attack carried out through email.
In response to the attack, Anthem has created a website and a free hotline dedicated to answering questions and providing facts about the incident. According to the release from Swedish, Anthem wishes to continually update the website and share more information with the public as they learn more about what happened.
“Anthem will individually notify current and former members whose information has been accessed,” he said in the press release. “We will provide credit monitoring and identity protection services free of charge so that those who have been affected can have peace of mind.”
Swedish made a personal apology to Anthem members and said he is aware of the expectation for Anthem to protect its members’ information.
“We will continue to do everything in our power to make our systems and security processes better and more secure and hope that we can earn back your trust and confidence in Anthem,” he said in the press release.
