How it really happened : NINJIO Season 1, Episode 10, Telephone Social Engineering


 

In Episode 10, a young finance executive is denied a job after his employer tells him that his credit rating is horrible.  He comes to find out that this was due to an identity theft issue originated by his health insurance provider, after they were hit with a telephone social engineering attack. 

 

 

  1. Anthem is warning consumers about its huge data breach. Here’s a translation.  In 2015, Anthem — a major healthcare company — announced that it had detected a data breach on its network. They announced that social security numbers, birthdays, and other private information were stolen.

 

  1. One year later, controversy still surrounds Anthem data breach

After one year, Anthem determines that it has lost millions of user records to hackers but analysts haven’t discovered the user list on the black market (yet). The company decides to offer free credit checks and alert services for ID theft.

 

  1. Anthem: How does a breach like this happen?

It’s speculated that Anthem’s breach was through social engineering. The data was encrypted following HIPAA regulations, but the attacker was able to get the system administrator password to the database, which renders encryption useless.

 

  1. Healthcare’s mission makes it vulnerable to ‘social engineering’

Healthcare companies are especially prime targets for social engineering hackers based on the massive amount of information they store. This article explains why healthcare companies are more vulnerable than some other industries.