Healthcare is expensive. This is why millions of individuals put a lot of money into health insurance. However, the large reserves of cash that insurance companies hold make them prime targets for cybercriminals.
Take for example Bankers Life, a Chicago-based firm that provides life insurance, health insurance, and long-term care insurance. On August 7, 2018, the firm discovered a cybersecurity breach wherein hackers gained access to its systems and potentially obtained the personal information of over 560,000 customers.
The range of sensitive data that was compromised included names, dates of birth, addresses, insurance policy numbers, dates of service, premium amounts, claim amounts, and partial Social Security numbers. You might be wondering...
...What does a hacker want with all of this?
Compromised information allows hackers to steal money directly from high-value targets or commit even more fraudulent scams. They steal this information using various methods, including:
- Phishing – Pretending to be a reputable company or financial institution via email or pop-up messages to trick the target into submitting personal information
- Altering your delivery address – Diverting the target’s billing statements by submitting a change of address form
- Stealing the old-fashioned way – Intercepting credit card statements, obtaining tax records, etc.
- Rummaging through trash – Searching for bills or paper with the target’s personal information
If hackers have their would-be victims’ insurance policy numbers and Social Security numbers, they can steal identities to receive medical treatment, medicines, prescriptions, and other health insurance policy benefits.
Not only can identity thieves partake in what is rightfully allocated to policyholders, but the former can also contaminate the health records of the latter with their own medical data. This means that the policyholders’ medical information is compromised, possibly making it unreliable or dangerous to use as reference for future treatments.
What action steps did Bankers Life take to deal with such a massive breach?
While Bankers Life’s cybersecurity during the time of the breach was deplorable, the insurer’s response was expertly managed. It commissioned a third-party investigator to look into how the breach happened as well as determine its scope.
They also implemented more stringent access restrictions, more vigilant monitoring processes, and more comprehensive security procedures to prevent future breaches.
Bankers Life also promptly disclosed the breach to the proper authorities and their affected customers, and offered free credit monitoring services and identity theft repair to prevent the hackers from victimizing anyone.
You too can prevent hackers from stealing the sensitive information of your customers. Contact our experts at Edward Technology to learn how.