The Department of Justice has indicted two China-based hackers, charging them for hacking into Anthem’s network in 2015 and breaching the personal health information of 78.8 million patients. Calling it one of the worst data breaches in US history, the hackers first began their network hack in 2014, according to a recent article in HealthITSecurity.
The hackers were part of an extremely sophisticated hacking group that also targeted three other unnamed companies. According to officials, hackers breached the network and compromised client and employee names, dates of birth, medical identification numbers, addresses, Social Security numbers, and email addresses. Allegedly, the hackers installed malware and other malicious tools on the victim’s systems to proliferate their attack.
What’s more, DOJ alleged the defendants used “extremely sophisticated” methods, including the use of customized spear-phishing emails embedded with hyperlinks to the employees of the victims. After the employee opened the hyperlink, the malicious malware was installed to compromise the system.
Specifically, the cyberattack installed a backdoor into the victim’s network that gave the hackers remote access to the system through a hacker-controlled server. The defendants would wait, sometimes months, before they would take additional steps. Eventually, DOJ claimed, the hackers would engage in reconnaissance by searching the victim’s network for “data of interest.”
Once the defendants gathered the necessary data using software tools, DOJ alleged they exfiltrated the data into encrypted archive files that they sent to multiple computers located in China. Further, they continued to access Anthem’s computers on multiple occasions in January 2015, targeting the data warehouse and then transferring the encrypted archived files of patient data from the US to China.
“The cyberattack of Anthem not only caused harm to Anthem, but also impacted tens of millions of Americans,” US Attorney Josh Minkler for the Southern District of Indiana, said in a statement. “This wanton violation of privacy will not stand, and we are committed to bringing those responsible to justice. I would also like to thank Anthem for its timely and substantial cooperation with our investigation.”
Wang and Doe have been charged with conspiracy to commit fraud and “related activity in relation to computers and identity theft, one count of conspiracy to commit wire fraud, and two substantive counts of intentional damage to a protected computer.”
This is the second major DOJ indictment of a healthcare hacker in recent months. In November, DOJ indicted two Iranian hackers who were allegedly behind the highly successful SamSam ransomware campaign that plagued the healthcare sector for several years.
Proper staff training and an annual Security Risk Analysis to detect vulnerabilities are preemptive measures against a situation like this happening to you. Health care entities are increasingly under attack. Large or small, contact HIPAAcraticRx today to find out how to protect your practice from falling victim.