What’s behind the biggest data breaches in the insurance sector?

Secfense lists the biggest data breaches in the insurance sector and their common ingredient

The insurance sector, like many other industries, has been targeted by cybercriminals in recent years. Some of the biggest cybersecurity attacks in the insurance sector include:

  1. Anthem Inc. (2015): The Anthem data breach was caused by a phishing attack that resulted in the theft of sensitive data, including passwords and social security numbers.
  2. Hiscox (2018): Hiscox, a British insurance company, suffered a data breach in 2018 that exposed the personal information of approximately 1,500 of its customers. The breach was caused by a password-spraying attack, in which attackers used a list of common passwords to gain access to user accounts.
  3. Excellus BlueCross BlueShield (2015): Excellus BlueCross BlueShield, a health insurer in New York, suffered a data breach in 2015 that exposed the personal information of approximately 10 million individuals. The breach was caused by a phishing attack that allowed attackers to gain access to sensitive data, including passwords and social security numbers.

All these attacks have the same word in common – phishing. So let’s take a closer look at each of these breaches and see what lessons should be learned from them and what security measures should be taken to avoid attacks like these in the future.

Anthem Inc. data breach in 2015 

A cyber attack on Anthem inc occurred in 2015 and was caused by a sophisticated cyber attack that a group of hackers carried out. The attackers were able to gain unauthorized access to the company’s computer systems and steal the personal information of approximately 80 million people, including current and former customers, employees, and contractors.

According to reports, the attackers used a phishing email to gain access to Anthem’s network. They sent a spear-phishing email to an employee, which contained a link to a malicious website. When the employee clicked on the link, they unwittingly installed malware on their computer, which gave the attackers a foothold in Anthem’s network.

From there, the attackers were able to move laterally through the network, escalate their privileges, and access sensitive data. They were able to exfiltrate a large amount of data, including names, birth dates, social security numbers, addresses, email addresses, and employment information.

Anthem reported the breach to law enforcement and worked with cybersecurity experts to investigate and contain the attack. The company also offered credit monitoring and identity theft protection services to affected individuals.

The Anthem breach was one of the largest data breaches in history. It highlighted the importance of effective cybersecurity measures like strong authentication and employee training to prevent data breaches like phishing attacks and other types of cyber threats.

lessons from uber hack 01

Hiscox data breach in 2018 

In 2018, Hiscox, a British insurance company, suffered a data breach that exposed the personal information of approximately 1,500 of its customers. The breach was caused by a technique called “password spraying,” which is a type of brute force attack that involves trying a list of common passwords against a large number of user accounts.

In the case of Hiscox, the attackers used a list of common passwords to gain access to user accounts. Once they gained access to an account, they were able to view and steal personal information, including names, dates of birth, and contact information. The company immediately took steps to investigate and contain the breach and offered identity protection services to affected customers.

Password spraying attacks are becoming more common as cybercriminals look for new ways to gain access to user accounts. To protect against this type of attack, it is important for individuals and organizations to use strong, unique passwords for each account and to implement multi-factor authentication, which requires a second form of verification in addition to a password. Additionally, organizations should conduct regular security audits to identify and address vulnerabilities that cyber criminals could exploit.

Excellus BlueCross BlueShield data breach in 2015 

In 2015, Excellus BlueCross BlueShield, a health insurer in New York, suffered a data breach that exposed the personal and medical information of approximately 10 million individuals. The breach was caused by a sophisticated cyber attack that allowed the attackers to gain unauthorized access to the company’s computer systems.

The attack began in December 2013 and went undetected for nearly two years. The attackers were able to access names, birth dates, social security numbers, addresses, and other sensitive information. The attackers were also able to access some financial information, including credit card numbers for approximately 9,000 individuals.

The exact details of how the attackers gained access to the system are not publicly known. Still, it is believed to have involved a combination of tactics, including phishing emails and malware. The attackers were able to move laterally through the network and exfiltrate a large amount of data before being detected.

Excellus BlueCross BlueShield discovered the breach in August 2015 and immediately launched an investigation. The company offered credit monitoring and identity theft protection services to affected individuals and took steps to improve its security measures, including implementing two-factor authentication and other security controls.

The Excellus BlueCross BlueShield breach is a reminder of the importance of effective cybersecurity measures and the need for organizations to remain vigilant and proactive in protecting their data and systems against cyber attacks.

MFA bombing how to bypass strong authentication
MFA bombing how to bypass strong authentication

Passwords are the real problem.

In conclusion, many of the major cyberattacks that have impacted the insurance sector in recent years were caused by weak or stolen passwords that resulted in successful phishing attacks and data breaches. These attacks highlight the need for stronger authentication measures, such as multi-factor authentication (MFA). MFA provides an additional layer of security beyond passwords and makes it much harder for cybercriminals to gain access to sensitive data.

Modern MFA solutions, such as those based on the FIDO standard, cryptographic keys, and biometrics, are particularly effective in protecting against phishing attacks. Implementing MFA can be challenging, but Secfense’s no-code implementation makes it possible to protect an organization’s entire infrastructure, including modern and legacy applications, in the same, frictionless way. By taking proactive steps to implement MFA, organizations can better protect themselves against the growing threat of cyberattacks and ensure the security of their data and systems.

Learn more about the User Access Security Broker approach to MFA adoption and see how your organization can implement MFA at scale without hiring software developers and without touching protected applications code.

Antoni takes care of all the marketing content that comes from Secfense. Read More

Featured Articles

Keep In Touch

Read More

Passkeys and Regulatory Compliance: Aligning with PSD2, GDPR, HIPAA, and CCPA Standards

Passkeys, developed based on the FIDO Alliance’s FIDO2 and U2F standards, are cryptographic keys designed to replace traditional passwords, providing enhanced security without the vulnerabilities…
Avatar of Antoni Sikora Antoni Sikora

READ TIME 7 MIN

How to implement 2FA without relying on mobile phones

Cybersecurity specialists working in enterprise environments are well aware of the importance of strong authentication methods like FIDO and passkeys. These technologies offer strong, phishing-resistant…
Avatar of Antoni Sikora Antoni Sikora

READ TIME 4 MIN

Managing Authentication in the Aviation

Why Does the Aviation Industry Face Authentication Challenges? The aviation industry comprises a complex network of airlines, airports, third-party suppliers, government agencies, and other stakeholders….
Avatar of Antoni Sikora Antoni Sikora

READ TIME 3 MIN

Testimonials

We are faced with new challenges every day. We must always be one step ahead of the attackers and know what they are going to do before they do it. We are convinced that the User Access Security Broker will bring security to a new level, both for those working at the office and from home. For us, working with Secfense is an opportunity to exchange experience with developers who put great value on out-of-the-box thinking.

Krzysztof Słotwiński

Business Continuity and Computer Security Officer

BNP Paribas Bank Poland

As part of the pre-implementation analysis, we verified that users utilize a wide range of client platforms: desktop computers, laptops, tablets, smartphones, and traditional mobile phones. Each of these devices differs in technological advancement, features, and level of security. Because of this, and also due to the recommendation of the Polish Financial Supervision Authority (UKNF), we decided to introduce additional protection in the form of multi-factor authentication mechanisms based on FIDO. As a result, users of our applications can log in safely, avoiding common cyber threats such as phishing, account takeover, and theft of their own and their clients’ data.

Marcin Bobruk

CEO

Sandis

We are excited to partner with Secfense to enhance our user access security for our web apps. By integrating their User Access Security Broker, we ensure seamless and secure protection for our applications and systems, delivering superior security and convenience to our customers.

Charm Abeywardana

IT & Infrastructure

Visium Networks

Before investing in Secfense, we had the opportunity to talk to its existing clients. Their reactions were unanimous: wow, it’s so easy to use. We were particularly impressed by the fact that implementing their solution does not require the involvement of IT developers. It gives Secfense a huge advantage over the competition, and at the same time opens the door to potential customers who so far were afraid of changes related to the implementation of multi-factor authentication solutions.

Mateusz Bodio

Managing Director

RKKVC

Even when the network and infrastructure are secured enough, social engineering and passwords can be used to gain control of the system by attackers. Multifactor authentication is the current trend. Secfense addresses this and allows you to build zero trust security and upgrade your current systems to passwordless applications within minutes, solving this problem right away,” said Eduard Kučera, Partner at Presto Ventures and cybersecurity expert – former Director in hugely successful Czech multinational cyber security firm Avast.

Eduard Kučera

Partner

Presto Ventures

One of the biggest challenges the world is facing today is securing our identity online. That’s why we were so keen to have Secfense in our portfolio. They make it possible to introduce strong authentication in an automated way. Until now, organizations had to selectively protect applications because the deployment of new technology was very hard, or even impossible. With Secfense, the implementation of multi-factor authentication is no longer a problem, and all organizations can use the highest standards of authentication security.

Stanislav Ivanov

Founding Partner

Tera Ventures

Two-factor authentication is known to be one of the best ways to protect against phishing; however, its implementation has always been difficult. Secfense helped us solve that problem. With their security broker, we were able to introduce various 2FA methods on our web applications at once.

Dariusz Pitala

Head of IT

MPEC S.A.