5. INFORMATION SECURITY
It is the practice of preventing unauthorized
access, use, disclosure, disruption, modification,
inspection, recording or destruction
of information.
8. THE ANTHEM
• Date: February 2015
Impact: Theft of personal information on up to 78.8 million current
and former customers.
Details: The second-largest health insurer in the U.S., formerly
known as WellPoint, said a cyber attack had exposed the names,
addresses, Social Security numbers, dates of birth and employment
histories of current and former customers – everything necessary to
steal identity.
• Fortune reported in January that a nationwide investigation
concluded that a foreign government likely recruited the hackers
who conducted what was said to be the largest data breach in
healthcare history. It reportedly began a year before it was
announced, when a single user at an Anthem subsidiary
clicked on a link in a phishing email. The total cost of the
breach is not yet known, but it is expected to exceed $100 million.
• Anthem said in 2016 that there was no evidence that members' data
have been sold, shared or used fraudulently. Credit card and medical
information also allegedly has not been taken.
10. ADOBE
• Date: October 2013
Impact: 38 million user records
Details: Originally reported in early October by security blogger Brian Krebs, it took
weeks to figure out the scale of the breach and what it included. The company
originally reported that hackers had stolen nearly 3 million encrypted customer
credit card records, plus login data for an undetermined number of user accounts.
• Later in the month, Adobe said the attackers had accessed IDs and
encrypted passwords for 38 million “active users.” But Krebs reported
that a file posted just days earlier, “appears to include more than 150
million username and hashed password pairs taken from Adobe.” After
weeks of research, it eventually turned out, as well as the source code of several
Adobe products, the hack had also exposed customer names, IDs, passwords and
debit and credit card information.
• In August 2015, an agreement called for Adobe to pay a $1.1 million in legal fees
and an undisclosed amount to users to settle claims of violating the Customer
Records Act and unfair business practices. In November 2016, the amount paid to
customers was reported at $1 million.