The health care insurance company CareFirst BlueCross BlueShield announced on May 20, 2015, it had been the target of a sophisticated cyberattack. Forbes reported that the information of potentially 1.1 million customers was stolen in June 2014, and the attack was only recently discovered when the company reviewed its networks in light of other recent health care information breaches. The data was stolen from a database of names, birth dates, email addresses and subscriber IDs.
According to Forbes, this is the third major health care breach of 2015. The others involved the theft of Social Security cards and medical and financial data of a total of almost 100 million people. A recent survey conducted by the Ponemon Institute reported the health care industry is among the most targeted by cybercrime, as 90 percent of health care and insurance providers have suffered attacks. These kinds of breaches have increased by 125 percent since 2010, and a likely reason is that the information obtained can bring a hacker a lot of money.
"An electronic healthcare record on the black market is worth somewhere between $60 and $70 on the black market, compared to a Social Security number that's worth 50 cents or a dollar," Rick Kam, co-founder of ID Experts, told Forbes. "There's a really significant difference in value on the black market."
In situations like the one faced by CareFirst, managed SIEM services would provide the continuous system monitoring necessary in order to more quickly detect security breaches. Cyberattacks that go undetected can compromise important personal data and result in identity theft and subsequent lawsuits. In order to maintain the privacy of all customers' data, insurance companies and other health care organizations should seek out managed SIEM services to ensure that when threats do happen, they can be detected and dealt with quickly.
Cybersecurity news and analysis brought to you by Arctic Wolf, inventors of FireBreak detection and response security services. FireBreak, when your firewall fails.