News

1/10/2017
09:35 AM
50%
50%

Probe Says Foreign Govt. Likely Behind Anthem Breach

Investigation into the Anthem hack suggests a foreign government, potentially China, could be responsible.

Investigation into "one of the largest cyber hacks of an insurance company's customer data" has revealed with a "significant degree of confidence" that a foreign government is likely behind it, says Infosecurity, quoting a California Department of Insurance (DoI) report. Insurance company Anthem suffered a data breach in 2014 that affected 78.8 million consumer records, including income data and social security numbers but unlikely credit card or medical details.

The DoI, which probed the breach, says the attacker was acting on behalf of a "foreign government." Earlier attempts to find the attacker determined the actors were in China.

California Insurance Commissioner Dave Jones stated: "The United States government needs to take steps to prevent and hold foreign governments and other foreign actors accountable for cyber-attacks on insurers, much as the president did in response to Russian government-sponsored cyber-hacking in our recent presidential election."

Anthem, which hired cybersecurity firm Mandiant to investigate, has already spent more than $260 million on remedial measures following the breach, including providing credit protection to victims.

Read more on Infosecurity.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17358
PUBLISHED: 2018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a ...
CVE-2018-17359
PUBLISHED: 2018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
CVE-2018-17360
PUBLISHED: 2018-09-23
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executa...
CVE-2018-17361
PUBLISHED: 2018-09-23
Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled.
CVE-2018-17364
PUBLISHED: 2018-09-23
OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter.