Ramifications of the Anthem hack

The Anthem hack has been getting a lot of news coverage because it is one of the larger data breaches in recent years. Of course it is in fairly good company (Sony, Home Depot, Target spring to mind) but it has some features that are unique. These features mean that the impact on those whose data was stolen is probably less than some other hacks, but that doesn't mean people can relax.

All the information so far seems to indicate that the hack was undertaken by a state sponsored group (see link above and also this one) which means that the hackers probably aren't going to sell the details on the criminal underground for identity theft or other similar purposes. That's good, it suggests the victims won't discover that someone else has filed a tax return on their behalf to fraudulently claim a refund or do some other fraud on them. Unless of course they are the target of the breach.

Of course people who work in positions that may be of interest to spies (or relatives of such people) definitely DO need to be on the look out for carefully crafted spear-phish emails that convince them to open infected word documents or similar. Since the hackers have presumably got the details of many members of the same organization they will no doubt find it relatively simple to come up with a suitably plausible email from someone who seems to be a colleague.

On the other hand that doesn't mean that the rest of the world can relax. There are already reports of scammers sending emails to anthem victims that try to trick them into handing over more details (though at least one of these turns out to be some good guys deliberately sending an email to try and educate) and there will no doubt be more.

The bottom line is that everyone should treat emails from "Anthem" or any of its related names (Wellpoint, Blue Cross etc.) with extreme suspicion and should NOT click on the links. It would also, undoubtedly help to have policies that block access to IP addresses in strange places, just in case.

Share this: