The domino effect pervades data security; if one person or institution is unsafe, everyone else is at risk. This is especially evident in the recent Anthem data breach, where one company’s vulnerability has exposed all of American society to foreign espionage:
Anthem is the country’s second-largest health insurance provider, serving tens of millions of people in all 50 states. Reports that the company had been hacked thus quickly became a national concern. Carried out in February of 2015, the attack began as a phishing scam to access 90 company systems and steal sensitive information. Although Anthem responded quickly, it took 3 days to repell the hackers, by which point they had stolen data on over 78 million people.
In the two years since the data breach, security analysts have worked tirelessly to identify the attackers. On January 6 of this year, they raised new alarms by identifying the attackers as likely agents of a foreign government. Federal officials have kept the government’s identity secret from the public, worrying that revealing this information would disrupt the investigation. Analysts still do not know the government’s motives or how it will use the stolen information.
Any data breach of this size is concerning, but the fact that the target was a health insurance provider makes it especially dangerous. Insurance companies must collect a myriad of private details about their customers, including their dates of birth, Social Security numbers, and employment histories. Foreign governments could use this information to spy on American citizens, and with 78 million people affected, there’s virtually no limit to the institutions that are vulnerable to espionage.
Whatever comes of this data breach, it is clear that health insurers and other companies with sensitive information cannot take security lightly. Preventing future leaks requires the cooperation of: