AplusWebMaster
2015-02-07, 17:30
FYI...
Anthem ...
- http://www.nytimes.com/2015/02/07/business/data-breach-at-anthem-may-lead-to-others.html
Feb 6, 2015 - "After an online attack on Anthem, by far the largest breach in the industry, security experts warned on Friday that more attacks on health care organizations were likely because of the high value of the data on the black market. Anthem, one of the country’s largest health insurers, said the hackers did not appear to have stolen information about its customers’ medical claims. But medical identification numbers were taken, along with Social Security numbers, addresses and email addresses, which could be used for medical fraud. According to a federal database, many much smaller attacks across the country have included both medical records and financial information. Medical identity theft has become a booming business, according to security experts, who warn that other health care companies are likely to be targeted as a result of the hackers’ success in penetrating Anthem’s computer systems. Hackers often try one company to test their methods before moving on to others, and criminals are becoming increasingly creative in their use of medical information... The publicity surrounding the breach, which exposed information on about 80 million people, is already generating phishing email scams, in which criminals posing as legitimate businesses try to persuade people to sign up for bogus credit protection services and provide personal information about themselves. On Friday, Anthem sent out an alert to its customers warning them of the scam, which the company described as an “opportunistic” attempt to take advantage of news of the breach, but the company emphasized it had no evidence that the scam artists were the hackers. The company, which operates under a series of Blue Cross plans in states like California, Connecticut and New York, is working with federal investigators to determine the source of the attack. Some signs continued to point to China, which has previously been thought to target health care companies, although the investigation is still in its early stages..."
- http://www.reuters.com/article/2015/02/07/us-anthem-cybersecurity-warning-idUSKBN0LA24F20150207
Feb 6, 2015 - "Health insurer Anthem Inc on Friday warned U.S. customers about an email -scam- targeting former and current members whose personal information was suspected to have been breached in a massive cyber attack..."
- http://krebsonsecurity.com/2015/02/phishers-pounce-on-anthem-breach/
Feb 7, 2015 - "... variations on the -scam- pictured below, which -spoofs- Anthem and offers recipients a free year’s worth of credit monitoring services for those who click the embedded link
Do-not-click or respond to these phishing emails:
> http://krebsonsecurity.com/wp-content/uploads/2015/02/anthemphish.jpg
... The company says it will begin sending notifications to affected consumers via snail mail in the coming weeks. In the meantime, if you’re a current or former Anthem member, be aware that these types of -scams- are likely to escalate in the coming days and weeks."
- http://www.anthemfacts.com/faq
- http://www.anthemfacts.com/
___
- http://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/
Feb 9, 2015
> https://www.virustotal.com/en-gb/file/8d168092d5601ebbaed24ec3caeef7454c48cf21366cd76560755eb33aff89e9/analysis/
> http://krebsonsecurity.com/wp-content/uploads/2015/02/hitrustalert-600x457.png
___
- https://isc.sans.edu/diary.html?storyid=19299
2015-02-06
:fear::fear:
Anthem ...
- http://www.nytimes.com/2015/02/07/business/data-breach-at-anthem-may-lead-to-others.html
Feb 6, 2015 - "After an online attack on Anthem, by far the largest breach in the industry, security experts warned on Friday that more attacks on health care organizations were likely because of the high value of the data on the black market. Anthem, one of the country’s largest health insurers, said the hackers did not appear to have stolen information about its customers’ medical claims. But medical identification numbers were taken, along with Social Security numbers, addresses and email addresses, which could be used for medical fraud. According to a federal database, many much smaller attacks across the country have included both medical records and financial information. Medical identity theft has become a booming business, according to security experts, who warn that other health care companies are likely to be targeted as a result of the hackers’ success in penetrating Anthem’s computer systems. Hackers often try one company to test their methods before moving on to others, and criminals are becoming increasingly creative in their use of medical information... The publicity surrounding the breach, which exposed information on about 80 million people, is already generating phishing email scams, in which criminals posing as legitimate businesses try to persuade people to sign up for bogus credit protection services and provide personal information about themselves. On Friday, Anthem sent out an alert to its customers warning them of the scam, which the company described as an “opportunistic” attempt to take advantage of news of the breach, but the company emphasized it had no evidence that the scam artists were the hackers. The company, which operates under a series of Blue Cross plans in states like California, Connecticut and New York, is working with federal investigators to determine the source of the attack. Some signs continued to point to China, which has previously been thought to target health care companies, although the investigation is still in its early stages..."
- http://www.reuters.com/article/2015/02/07/us-anthem-cybersecurity-warning-idUSKBN0LA24F20150207
Feb 6, 2015 - "Health insurer Anthem Inc on Friday warned U.S. customers about an email -scam- targeting former and current members whose personal information was suspected to have been breached in a massive cyber attack..."
- http://krebsonsecurity.com/2015/02/phishers-pounce-on-anthem-breach/
Feb 7, 2015 - "... variations on the -scam- pictured below, which -spoofs- Anthem and offers recipients a free year’s worth of credit monitoring services for those who click the embedded link
Do-not-click or respond to these phishing emails:
> http://krebsonsecurity.com/wp-content/uploads/2015/02/anthemphish.jpg
... The company says it will begin sending notifications to affected consumers via snail mail in the coming weeks. In the meantime, if you’re a current or former Anthem member, be aware that these types of -scams- are likely to escalate in the coming days and weeks."
- http://www.anthemfacts.com/faq
- http://www.anthemfacts.com/
___
- http://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/
Feb 9, 2015
> https://www.virustotal.com/en-gb/file/8d168092d5601ebbaed24ec3caeef7454c48cf21366cd76560755eb33aff89e9/analysis/
> http://krebsonsecurity.com/wp-content/uploads/2015/02/hitrustalert-600x457.png
___
- https://isc.sans.edu/diary.html?storyid=19299
2015-02-06
:fear::fear: