Anthem Settles with 44 States for $40M Over 2014 Breach of 78.8M
A multi-state coalition made up of 44 states and Washington, D.C reached a $39.5 million settlement with Anthem, to resolve breach claims stemming from the insurer’s 2014 cyberattack that compromised the data of 78.8 million patients.
A foreign advanced persistent threat actor (APT) hacked into Anthem’s database beginning in February 2014. However, the insurer did not discover the breach until nearly a year later in January 2015. The access was gained after an employee opened a phishing email, which contained the malicious payload.
In doing so, the threat actor gained remote access to the employee’s computer and at least 90 other systems within Anthem’s infrastructure, including...