SACRAMENTO ( — A cyber security breach of health insurance giant Anthem which compromised the records of nearly 80 million consumers was likely committed by a party “acting on behalf of a foreign government”, state insurance officials said Friday.

Officials with the California Department of Insurance released the results of a national investigation into Insurance Commissioner Dave Jones called “one of the largest cyber hacks of an insurance company’s customer data.”

“In this case, our examination team concluded with a significant degree of confidence that the cyber attacker was acting on behalf of a foreign government,” said Jones.

The cyber breach was first discovered by Anthem on Jan. 27, 2015. In early Feb. 2015, Anthem and its affiliates announced the company had suffered a major breach, which compromised 78.8 million consumer records, including records of at least 12 million minors.

In response to the breach, Anthem agreed to pay more than $260 million to upgrade its information security systems and provide credit protection to all consumers whose information was compromised.

Investigators determined the data breach began in Feb. 2014 when they say a user within one of Anthem’s subsidiaries opened a phishing email containing malicious content, which permitted the download of malicious files to the user’s computer and allowed hackers to gain remote access to that computer and at least 90 other systems within the Anthem enterprise, including Anthem’s data warehouse.

The identity of the attacker was later determined “with a high degree of confidence”, while investigators concluded “with a medium degree of confidence” that the attacker was acting on behalf of a foreign government, officials said. The identity of the foreign government was not revealed.

Insurance officials used an examination team composed of the cybersecurity firm CrowdStrike and Alvarez & Marsal Insurance and Risk Advisory Services, LLC, which focused its investigation on Anthem’s response preparedness and adequacy both before and prior to the breach.

CrowdStrike is the same firm used by the FBI to investigate the hacking of the Democratic National Committee in May 2016.


Leave a Reply

Please log in using one of these methods to post your comment:

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

More From CBS Los Angeles

Weather Team
Goldstein Tipline

Watch & Listen LIVE