Anthem's recent data breach should be a startling wakeup call to other insurance carriers and companies operating in the medical world.
Up to 80 million of the company's members could be at risk of identity theft, with hackers able to make off with client names, physical mailing addresses, birth dates, email addresses, Social Security numbers and medical ID data.
The cost of the breach could top $100 million, as Anthem's cyberinsurance policy will likely be exhausted following this incident.
"The health insurance industry reflects a deeply interconnected web of companies, including hospitals, doctors, practices, secondary insurance providers, and government programs like Medicare and Medicaid," said Ivan Shefrin, VP of security solutions at TaaSera, in a statement published on DarkReading. "Most large companies in the insurance payment sector have a strong team of in-house cyber security experts. However, the majority of companies with which they connect are small, understaffed with limited budgets for cyber security."
Cybercriminals are interested - and motivated - to steal medical data, due to the large amount of personal information that insurance companies collect. This information is much more valuable on the black market than regular data that is stolen in a data breach.