External Threat Management

Another Day, Another Health Insurance Data Breach

Insurance companies, especially those in healthcare, continue to be prime targets for cybercrime. Even a quick survey of recent disclosures shows that as many as 93.5 million personal records from insurers like Premera Blue Cross, Anthem, Community Health Services and American Income Life were compromised or stolen over the last two years.

The stolen records included detailed financial and medical record data -- everything needed for identity theft, credit card fraud, medical billing fraud, and other cybercrimes. To put things in perspective, the number of records involved equals about 30% of the total US population.

Unfortunately, the list of data breaches at health insurers continues to grow in line with the 50% per year increase seen across all industries in 2014. In mid-May Brian Krebs from krebsonsecurity.com reported on the latest data breach at a health insurer:

CareFirst BlueCross BlueShield said it had been hit with a data breach that compromised the personal information of approximately 1.1 million customers. There are indications that the same attack methods may have been used in this intrusion as with data breaches at Anthem and Premera, incidents that collectively involved data on more than 90 million Americans.

However, even more worrying than the theft of insurers' data from internal IT systems is the cyber threat that their customers face from compromised elements OUTSIDE the insurer's firewall.

Earlier this year RiskIQ undertook a detailed survey across all insurance industry segments to assess the security risks facing the digital footprints of the top 41 insurers. In total, the survey cataloged and examined over 200,000 web assets and 770 individual mobile apps associated with these insurers. The results clearly showed that every one of the surveyed insurers had significant external security risks that could compromise both their perimeter security and their brand equity with consumers.

For example, the survey found that 100% had a minimum of 6 broken SSL certificates with 20% having over 900, opening them up to traffic interception via man-in-the-middle attacks and domain squatting by phishing websites.

So while the potential cyber threats from data thefts requiring the breach of an insurer's security perimeter are daunting, they can pale in comparison to the risks from their ever-expanding digital footprints, all of which desperately need to be inventoried and secured. Left unchecked, these security holes provide cybercriminals with easy ways to launch attacks against unsuspecting insurance customers.

For more detail on the insurance industry survey results and the potential security risks discovered, please contact us at info@www.riskiq.com.

Subscribe to Our Newsletter

Subscribe to the RiskIQ newsletter to stay up-to-date on our latest content, headlines, research, events, and more.

Base Editor