The massive data breach that hit health insurer Anthem earlier this year appears to have been an attempt by the Chinese to understand the American healthcare system, the Financial Times reports.
Security experts had already made the connection to China based on the software used in the cyberattack, which compromised the personal information of 80 million people. Software company Symantec, meanwhile, has said it traced the attack to a cyberespionage group known as Black Vine, which includes actors connected to a Beijing-based IT security firm.
Now, officials familiar with the hack investigation tell the Financial Times they believe Chinese hackers targeted Anthem and other healthcare organizations to understand how other nations handle medical care as the country struggles to accommodate its aging population.
"Knowledge is power," one U.S. government official tells the publication. "How is it set up? What are they insuring? Why is this procedure covered but not that one? All of that is useful information."
Anthem could be fined and required to take corrective measures once state insurance regulators and the National Association of Insurance Commissioners issue a report that details their investigation of the breach, according to the article. But the fact that the Anthem hack appears to be state-sponsored has made it difficult for regulators to decide what standards to apply to companies that are victims of such attacks.
Anthem is not the only health insurer to suffer a cyberattack in recent months--Premera BlueCross, CareFirst and Excellus BlueCross BlueShield also have reported breaches. In response, the national Blue Cross Blue Shield Association said it will offer free identity protection to all of its 106 million members.
And the threat applies across the industry, as 81 percent of healthcare executives say their organizations have been the target of cyberattacks during the past two years.
To learn more:
- read the article (registration may be required)
Anthem hack compromises info for 80 million customers
China linked to Anthem attack
Anthem attack traced to sophisticated cyberespionage group 'Black Vine'
Survey: 81 percent of C-suite execs have seen cyberattacks at their facilities
Blue Cross Blue Shield Association to offer identity protection services to all 106M members