Excellus data breach affects millions

September 29, 2015 Arctic Wolf Networks

In the health care sector, there have recently been strings of revelations related to cyberattacks as well as new data breaches happening on a consistent basis. The most recent victim of these events, Excellus BlueCross Blue Shield, shows that no organization is safe and that health care providers must take additional steps to ensure that their information is secure. By using security incident event management (SIEM) services, businesses can take a step in the right direction to protect themselves and their clients' data from cybersecurity attacks.

The ripple effect
Excellus recently revealed that its IT systems were breached by cyberattackers. It's believed that around 7 million Excellus members and an additional 3.5 million members under affiliate Lifetime Healthcare Companies were affected by the incident. Unauthorized computer access was discovered in early August, but there was not any indication that information was removed or used inappropriately. Affected data could include names, birth dates, mailing addresses, phone numbers, Social Security numbers, financial information, claims information and member identification numbers.

Although the investigation is still determining the scope of the breach, an initial assessment revealed a previous event on Excellus' systems. In an evaluation done by a cybersecurity firm, the August attack was discovered as well as an initial breach that happened on Dec. 23, 2013, Rome Sentinel reported. In response to these findings, Excellus has offered credit monitoring and identity theft protection, as well as promising to strengthen and enhance security to prevent future attacks.

"It's proof positive how a single security penetration can disrupt the lives of millions of people," Hillstone CTO Tim Liu told NewsFactor Newtork. "As the victims will now have to be diligent in monitoring for signs of identity theft, organizations need to go beyond traditional security measures and adopt a more aggressive, proactive approach to cybersecurity with continuous monitoring, increased visibility and other safeguards in place to help discover these breaches before major damage can occur."

Health care vulnerability growing
There are a number of other health care organizations that have been breached recently, showing just how valuable this data is and reminding providers to reevaluate their protection efforts. In fact, according to an industry report, the health care industry accounted for 21.1 percent of data breaches in the first half of 2015, making it the most vulnerable sector to cyberattacks, HealthData Management reported. While the number of breaches recorded was down from other periods, health care industry attacks still had the top spot for number of records breached, making up 34 percent of all reported breaches.

While the Excellus breach netted a significant number of exposed records, the largest attack this year so far was on Anthem Insurance, which affected approximately 78.8 million documents. To make matters worse, the average health care breach during the surveyed period netted more than 450,000 data records – a remarkable 200 percent increase compared to the same time last year. This massive jump indicates that malicious individuals are realizing the massive value of these data sets are increasingly setting their sights on organizations with this type of information.

One recommendation made across the board for these situations is to invest in security incident event management (SIEM) solutions. With this type of service, organizations will not only be able to more intelligently secure their sensitive documents, but ensure that any abnormal behavior is spotted quickly and responded to accordingly. This will help mitigate vulnerabilities and give patients peace of mind that their health care providers are secure and reliable.

Cybersecurity news and analysis brought to you by Arctic Wolf, leading provider of managed SIEM services.

Previous Article
Biometrics compromised in OPM breach

While a number of personal details were exposed by the OPM breach, new information has come to light that s...

Next Article
Major B2B Web services provider latest data breach victim

Web.com was recently hacked, but they were luckily able to catch it early thanks to scheduled monitoring.

×

Want cybersecurity updates delivered to your inbox?

First Name
Last Name
Company
!
Thanks for subscribing!
Error - something went wrong!