AGL 40.00 No Change ▼ 0.00 (0%)
AIRLINK 129.00 Decreased By ▼ -0.53 (-0.41%)
BOP 6.76 Increased By ▲ 0.08 (1.2%)
CNERGY 4.50 Decreased By ▼ -0.13 (-2.81%)
DCL 8.70 Decreased By ▼ -0.24 (-2.68%)
DFML 41.00 Decreased By ▼ -0.69 (-1.66%)
DGKC 81.30 Decreased By ▼ -2.47 (-2.95%)
FCCL 32.68 Decreased By ▼ -0.09 (-0.27%)
FFBL 74.25 Decreased By ▼ -1.22 (-1.62%)
FFL 11.75 Increased By ▲ 0.28 (2.44%)
HUBC 110.03 Decreased By ▼ -0.52 (-0.47%)
HUMNL 13.80 Decreased By ▼ -0.76 (-5.22%)
KEL 5.29 Decreased By ▼ -0.10 (-1.86%)
KOSM 7.63 Decreased By ▼ -0.77 (-9.17%)
MLCF 38.35 Decreased By ▼ -1.44 (-3.62%)
NBP 63.70 Increased By ▲ 3.41 (5.66%)
OGDC 194.88 Decreased By ▼ -4.78 (-2.39%)
PAEL 25.75 Decreased By ▼ -0.90 (-3.38%)
PIBTL 7.37 Decreased By ▼ -0.29 (-3.79%)
PPL 155.74 Decreased By ▼ -2.18 (-1.38%)
PRL 25.70 Decreased By ▼ -1.03 (-3.85%)
PTC 17.56 Decreased By ▼ -0.90 (-4.88%)
SEARL 78.71 Decreased By ▼ -3.73 (-4.52%)
TELE 7.88 Decreased By ▼ -0.43 (-5.17%)
TOMCL 33.61 Decreased By ▼ -0.90 (-2.61%)
TPLP 8.41 Decreased By ▼ -0.65 (-7.17%)
TREET 16.26 Decreased By ▼ -1.21 (-6.93%)
TRG 58.60 Decreased By ▼ -2.72 (-4.44%)
UNITY 27.51 Increased By ▲ 0.08 (0.29%)
WTL 1.41 Increased By ▲ 0.03 (2.17%)
BR100 10,450 Increased By 43.4 (0.42%)
BR30 31,209 Decreased By -504.2 (-1.59%)
KSE100 97,798 Increased By 469.8 (0.48%)
KSE30 30,481 Increased By 288.3 (0.95%)

Health insurer Anthem Inc on Friday warned US customers about an email scam targeting former and current members whose personal information was suspected to have been breached in a massive cyber attack. The No 2 US health insurer said on Wednesday that hackers breached its computer system containing data on up to 80 million people.
Anthem announced the warning about the email scam in a statement, saying they purport to come from Anthem and ask recipients to click on a link to obtain credit monitoring. Anthem advised recipients not to click on links or provide any information on any website. The company said it will contact current and former members about the attack only via mail delivered by the US Postal Service. It is not calling members regarding the breach and is not asking for credit card information or Social Security numbers over the phone.
Anthem said there was no indication the email scam was connected to those who perpetrated the security breach. The insurer acknowledged that data accessed by hackers had not been encrypted, as is the normal practice at many companies. "When the data is moved in and out of the warehouse it is encrypted. But when it sits in the warehouse, it's not encrypted," Anthem spokeswoman Cindy Wakefield said.
Anthem needs to be able to easily access patient data in order to create the numerous reports it generates for customers and regulators as part of doing business, Wakefield explained. "I think that is standard practice," she added. "How we managed our data in the warehouse has been appropriate," Wakefield said. "No one has pointed a finger and said you did this wrong and this is why this happened." But Richard Marshall, a former senior cybersecurity defense expert at the US National Security Agency, said the numbers should have been encrypted.
"Social Security numbers can be sold to people who are here illegally," said Marshall, who now advises private security firms. "Identity theft is a major issue." In a separate case on Friday, Intuit Inc temporarily halted electronic state tax return filings by its customers after detecting what a spokeswoman said was identify theft-driven fraudulent returns seeking refunds. She said the fraud had not been tied to any specific breach, including that at Anthem.
Intuit said late Friday it had resumed electronic filings of state tax returns. Experts at other companies said they believed that Anthem attacks would eventually be tied to one of the most sophisticated hacking groups in China, which security firm CrowdStrike calls Deep Panda and which reportedly began targeting the healthcare industry last year. "We've seen the Deep Panda actor registering domain names that were haelth-sector specific and could be potentially tied to victims," said Adam Meyers, CrowdStrike vice president of threat intelligence.

Copyright Reuters, 2015

Comments

Comments are closed.