The insurance sector, like many other industries, has been targeted by cybercriminals in recent years. Some of the biggest cybersecurity attacks in the insurance sector include:
- Anthem Inc. (2015): The Anthem data breach was caused by a phishing attack that resulted in the theft of sensitive data, including passwords and social security numbers.
- Hiscox (2018): Hiscox, a British insurance company, suffered a data breach in 2018 that exposed the personal information of approximately 1,500 of its customers. The breach was caused by a password-spraying attack, in which attackers used a list of common passwords to gain access to user accounts.
- Excellus BlueCross BlueShield (2015): Excellus BlueCross BlueShield, a health insurer in New York, suffered a data breach in 2015 that exposed the personal information of approximately 10 million individuals. The breach was caused by a phishing attack that allowed attackers to gain access to sensitive data, including passwords and social security numbers.
All these attacks have the same word in common – phishing. So let’s take a closer look at each of these breaches and see what lessons should be learned from them and what security measures should be taken to avoid attacks like these in the future.
Anthem Inc. data breach in 2015
A cyber attack on Anthem inc occurred in 2015 and was caused by a sophisticated cyber attack that a group of hackers carried out. The attackers were able to gain unauthorized access to the company’s computer systems and steal the personal information of approximately 80 million people, including current and former customers, employees, and contractors.
According to reports, the attackers used a phishing email to gain access to Anthem’s network. They sent a spear-phishing email to an employee, which contained a link to a malicious website. When the employee clicked on the link, they unwittingly installed malware on their computer, which gave the attackers a foothold in Anthem’s network.
From there, the attackers were able to move laterally through the network, escalate their privileges, and access sensitive data. They were able to exfiltrate a large amount of data, including names, birth dates, social security numbers, addresses, email addresses, and employment information.
Anthem reported the breach to law enforcement and worked with cybersecurity experts to investigate and contain the attack. The company also offered credit monitoring and identity theft protection services to affected individuals.
The Anthem breach was one of the largest data breaches in history. It highlighted the importance of effective cybersecurity measures like strong authentication and employee training to prevent data breaches like phishing attacks and other types of cyber threats.
Hiscox data breach in 2018
In 2018, Hiscox, a British insurance company, suffered a data breach that exposed the personal information of approximately 1,500 of its customers. The breach was caused by a technique called “password spraying,” which is a type of brute force attack that involves trying a list of common passwords against a large number of user accounts.
In the case of Hiscox, the attackers used a list of common passwords to gain access to user accounts. Once they gained access to an account, they were able to view and steal personal information, including names, dates of birth, and contact information. The company immediately took steps to investigate and contain the breach and offered identity protection services to affected customers.
Password spraying attacks are becoming more common as cybercriminals look for new ways to gain access to user accounts. To protect against this type of attack, it is important for individuals and organizations to use strong, unique passwords for each account and to implement multi-factor authentication, which requires a second form of verification in addition to a password. Additionally, organizations should conduct regular security audits to identify and address vulnerabilities that cyber criminals could exploit.
Excellus BlueCross BlueShield data breach in 2015
In 2015, Excellus BlueCross BlueShield, a health insurer in New York, suffered a data breach that exposed the personal and medical information of approximately 10 million individuals. The breach was caused by a sophisticated cyber attack that allowed the attackers to gain unauthorized access to the company’s computer systems.
The attack began in December 2013 and went undetected for nearly two years. The attackers were able to access names, birth dates, social security numbers, addresses, and other sensitive information. The attackers were also able to access some financial information, including credit card numbers for approximately 9,000 individuals.
The exact details of how the attackers gained access to the system are not publicly known. Still, it is believed to have involved a combination of tactics, including phishing emails and malware. The attackers were able to move laterally through the network and exfiltrate a large amount of data before being detected.
Excellus BlueCross BlueShield discovered the breach in August 2015 and immediately launched an investigation. The company offered credit monitoring and identity theft protection services to affected individuals and took steps to improve its security measures, including implementing two-factor authentication and other security controls.
The Excellus BlueCross BlueShield breach is a reminder of the importance of effective cybersecurity measures and the need for organizations to remain vigilant and proactive in protecting their data and systems against cyber attacks.
Passwords are the real problem.
In conclusion, many of the major cyberattacks that have impacted the insurance sector in recent years were caused by weak or stolen passwords that resulted in successful phishing attacks and data breaches. These attacks highlight the need for stronger authentication measures, such as multi-factor authentication (MFA). MFA provides an additional layer of security beyond passwords and makes it much harder for cybercriminals to gain access to sensitive data.
Modern MFA solutions, such as those based on the FIDO standard, cryptographic keys, and biometrics, are particularly effective in protecting against phishing attacks. Implementing MFA can be challenging, but Secfense’s no-code implementation makes it possible to protect an organization’s entire infrastructure, including modern and legacy applications, in the same, frictionless way. By taking proactive steps to implement MFA, organizations can better protect themselves against the growing threat of cyberattacks and ensure the security of their data and systems.
Learn more about the User Access Security Broker approach to MFA adoption and see how your organization can implement MFA at scale without hiring software developers and without touching protected applications code.