Another Hack With Another 10 Million Compromised

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://dailysignal.com/2015/09/14/another-hack-with-another-10-million-compromised/

While the biggest names in the intelligence community testified last week
on Worldwide Cyber Threats, news continued to break over another health
insurance company being hacked. Excellus BlueCross BlueShield released a
statement this week about a cyber theft that could compromise the personal
information of up to 10.5 million customers.

Excellus reportedly learned about the intrusion August 5th and that the
initial intrusion began as early as December 2013. The investigation is
on-going and Excellus has yet to confirm how much of the information has
been manipulated and if how – only that the personal information of its
customers have been accessed. There has been no attribution so far as to
who might have committed the hack.

It is no surprise to see yet another health insurance company fall victim
to a cyber theft. With the theft of 4.5 million from Community Health
Services reported last year, 80 million from Anthem Inc. in February this
year, 11 million from Premera Blue Cross in March, and 1.1 million from
CareFirst BlueCross BlueShield in May – cyber thieves are seeking any
information they can get their hands on such as names, addresses,
birthdates, and social security numbers to sell or use online.

In a world increasingly connected through the internet and growing
collection of customer data, personal information is highly desired for
hackers and businesses alike– as we’ve seen with the hack of the Office of
Personnel Management and other public and private industries, and growing
industry of the internet of things and big data. Electronic information as
a whole, as Director of National Intelligence James Clapper warned
Thursday, will become more at risk for manipulation in the future –
possibly foreshadowing the future of cybersecurity as more a rick for
espionage than theft.

There is likely no end to the increasing frequency of reports of
information being stolen, but that doesn’t mean companies and costumers
should become complacent about cybersecurity and theft. Companies and
customers should continuously evaluate their information that’s accessible
electronically and how this information is being secured. And that while
there is no panacea for perfect cybersecurity, information sharing and
international cooperation in cybersecurity can help reduce the severity of
cyber hacks and attacks.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!