Bankers Life Affected By Hacking Incident

December 14, 2018 Mayuri Kumar

Marti Arvin, CynergisTek’s VP of Audit Strategy, recently sat down with Marianne McGee of Healthcare Info Security and exchanged some comments about yet another large breach caused by a hacking incident. On October 25, 2018, Bankers Life announced the fifth largest reported breach this year that involved personal health information of 556 thousand individuals. Below is the full interview.

Marianne: We’ve seen a lot of large hacker attacks on health plans in the past (Anthem, etc.) and now the latest with Bankers Life. Why do you think hackers are drawn to attacking health plans and other insurers?

Marti: It is a little difficult to say without knowing the full facts. Cyber attackers seem to go after the holders of large amounts of sensitive data, which if they are successful in compromising, would yield high rewards. Health plans are key holders of such information. It is unclear based on what has been publicly reported whether hackers are more attracted to health plans over other players in the healthcare industry who may also have vast quantities of such information.

Marianne: If the Bankers Life incident did indeed involve phishing, why are employees still falling for these scams? For instance, are attackers increasingly clever in tricking users? Any particular technologies that are best at potentially helping “stop” a breach even if a user does fall for a phishing scheme? Any other suggestions for preventing these kinds of breaches? Any insight is appreciated.

Marti: Hacking is growing at a very fast pace. With just one click a user’s credentials can become compromised, allowing the hacker to get additional users’ personal information as well. Such emails appear to be coming from a legitimate, known source which may account for the additional users clicking on it. Good data segregation, data loss prevention software, and other tools that may allow for quick detection may help minimize the breach impact. Using technology that alerts users when an email comes from an outside source may help them pause before clicking. Of course, continuous education and awareness are also key.

Marianne: Any other recent observations about this particular hacking incident or health data breaches involving hackers in general?

Having technology solutions that help prevent the hacker from getting into the system in the first place is the first line of defense. But we continuously have to educate our employees and peers about the potential risks of cyber-attacks and how easily hackers can target people by phishing emails.

To learn more about the Bankers Life incident, read this article from HealthInfoSecurity.com.

Previous Article
Our Top Blog Posts from 2018
Our Top Blog Posts from 2018

There were many changes within the healthcare industry, as well as a number of legislative changes in 2018....

Next Article
CynergisTek and CHIME Collaborate on Healthcare Cybersecurity Program Research
CynergisTek and CHIME Collaborate on Healthcare Cybersecurity Program Research

In November of 2018, CynergisTek collaborated with CHIME to examine the top healthcare cybersecurity challe...

×

Subscribe to Our Monthly Cyber Bulletins with the Latest News, Tips and More!

First Name
Last Name
Company
Thank You!
Error - something went wrong!