Anthem Settles with 44 States for $40M Over 2014 Breach of 78.8M

HealthITSecurity.com

Jessica Davis

A multi-state coalition made up of 44 states and Washington, D.C reached a $39.5 million settlement with Anthem, to resolve breach claims stemming from the insurer’s 2014 cyberattack that compromised the data of 78.8 million patients.

A foreign advanced persistent threat actor (APT) hacked into Anthem’s database beginning in February 2014. However, the insurer did not discover the breach until nearly a year later in January 2015. The access was gained after an employee opened a phishing email, which contained the malicious payload.

In doing so, the threat actor gained remote access to the employee’s computer and at least 90 other systems within Anthem’s infrastructure, including...

Get the Morning Update

Thanks for subscribing!