China a suspect in Anthem hacking case

It's suspected that China sponsored the recent hacking attack on the second-largest health insurer in the US, Anthem, various media sources report.

Bloomberg writes that investigators of the data breach are pursuing evidence that points to Chinese state-sponsored hackers, and is citing three people familiar with the probe.

The thieves are stealing personal information from health-care companies for purposes other than pure profit, Bloomberg ads.

Yesterday Reuters reported the same thing, saying several U.S. states are investigating a massive cyber attack that a person familiar with the matter said is being examined for possible ties to China.

The hack is one of the biggest thefts of medical-related customer data in U.S. history, with the details of over 80 million customers stolen.

Bloomberg says, citing a US government official familiar with the investigation, that this attack follows the pattern of previous thefts of medical data conducted by foreigners, which seek personal data of specific groups of people – including defense contractors and government workers.

Attorney generals of Connecticut, Illinois, Massachusetts, Arkansas and North Carolina are looking into the breach, according to representatives of their offices and internal documents. California's Department of Insurance said it will review Anthem's response to the data attack, Reuters writes.

Two people familiar with the ongoing investigation said China is the early suspect because of technical details of the attack, which include Chinese "fingerprints".

TK Keanini CTO of Lancope told ITProPortal: "A point needs to be made about information. When we say it has been stolen, it it not like stealing a car when you no longer have it. The proper term is disclosed because you as a customer of Anthem trust that Anthem is protecting your private information from disclosure. Theft is an awkward term.

When comparing this to retail data breaches, you need to consider the mutability of the information. Medical information is far more severe because it is not easily changed. When credit cards, phone numbers and even social security numbers are disclosed, you have an opportunity to just change it and the disclosed information is no longer valid, but this is not really the case with medical information.

Changing your DNA is not an option, so public disclosure of this is valid for a lifetime. When you consider the information you are protecting, you need to consider how easy it is to change it and then select the appropriate level of encryption."

Before Anthem, other big US companies have been targets of smash-and-grab hacking attacks, including the likes of Target Corp., Home Depot Inc. and JPMorgan Chase & Co.