Anthem says hackers stole data including social security numbers on up to 80 million people. It could rank as one of the biggest corporate cyberattacks. Fred Katayama reports.
They've got your name, your birthday, your email and street addresses, even your social security number. Health insurer Anthem says hackers broke into its computers and stole that data on up to 80 million people. It could rank as one of the largest cyber breaches against a company. The hackers accessed data on current and former customers as well as Anthem's own employees, including that of its CEO, Joseph Swedish. He called it a "very sophisticated cyber attack." Security firm Cylance CEO Stuart McClure said, "That information is a treasure trove for cybercriminals. It can easily be sold on underground markets within hours and used for a wide variety of identity fraud schemes." The hackers didn't get credit card or medical info. But what sets this case apart is its scale and speed. Compare that to the cyberattacks on JPMorgan, which exposed records on 76 million households; at Home Depot, 56 million payment cards. Anthem, formerly known as WellPoint, is the second largest U.S. health insurer. It operates under the Blue Cross Blue Shield name in many states as well as UniCare and Amerigroup in others. Anthem acted fast, announcing the breach just days after its employees identified the attack. JPMorgan Chase, by contrast, took weeks before its disclosure. Anthem says it doesn't expect the breach to affect its 2015 financial outlook. But McClure says it typically costs health insurers at least $100 per stolen record to clean up such an attack. Anthem's stock has shot up more than 60 percent in the last 12 months, but it gave up some of those gains in early trading.