Stop.Think.Connect. Get Informed

Get informed about the latest cybersecurity incidents that may affect you and your information.

Anthem Insurance Data Breach

February 2015

What you should know about the Anthem insurance data breach

It was recently discovered that Anthem, Inc., the second largest insurance company in the nation, suffered a data breach as a result from an external cyber attack. Using sophisticated malware, the attack compromised the personal information of both staff and members, and includes patient and staff names, birth dates, addresses, email addresses, telephone numbers, social security numbers, and staff income. The information does not include personal medical information or credit card numbers. The attack accessed a database that included information on over 80 million people, although the extent of the breach is unknown at this time.

Anthem employees discovered the breach last week, and the company believes the vulnerability existed for only a few days. Anthem is working with third party security vendors to lessen the effects of the breach, and will be notifying affected patients and offering identity theft protection services to affected individuals.

Unfortunately the health sector – which possesses a lot of intellectual property data and personally identifiable information – is a common target for cyber criminals. The Department of Homeland Security’s (DHS) United States Computer Emergency Response Team (US-CERT) and other offices continually works with the Department of Health and Human Services to educate the health and public health sector about cybersecurity, and provides assistance and resources to protect against or respond to cyber attacks.

Tips for Consumers

Visit the US-CERT website to find cyber security tips for users at www.us-cert.gov/home-and-business. This website provides resources and information on how home users and small-business networks can stay safe and secure.

If you are a member with Anthem look for notification from the company on whether you were affected, and additional information on identity theft protection services. Anthem has also provided a website - www.anthemfacts.com - for more information about this breach.

If you believe you may have been a victim of this data breach or other Internet crimes, US-CERT recommends that you file a complaint with the Federal Bureau of Investigation’s Internet Crime Complaint Center at www.ic3.gov.

Cyber criminals can use personal information, such as the types of information compromised in this attack, to steal people’s identities and access their banking, shopping, social media, and other personal accounts. To protect yourself, practice safe online behavior and follow these cyber hygiene tips from the DHS Stop.Think.Connect. ™ Campaign:

• Choose strong passwords and change them often. A strong password uses a combination of letters, numbers, and symbols (when allowed) and does not include a person’s name or other commonly known information such as their children’s or pet’s names.
• Do not use the same password for multiple accounts.
• Be aware of possible phishing attacks. If you receive an email claiming to be from email provider, bank, or other frequented website, and asks you to change your account password or update account information, make sure the email is legitimate. To be safe, go directly to websites to change your password, and type the link yourself rather than clicking on links embedded in emails. 
• Be on the lookout for other people accessing your personal accounts. Monitor email and social media accounts for suspicious messages or messages appearing from you, but that you did not send. Monitor bank and credit card accounts for unauthorized charges.
• Request a free credit report (www.annualcreditreport.com) to ensure no unauthorized accounts have been opened in your name.

The Stop.Think.Connect.™ Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. For more cyber resources and tips, please visit www.dhs.gov/stopthinkconnect.

Community Health Services Data Breach

August 2014

What You Should Know About the Potential Health Data Breach

The Department of Homeland Security recently became aware that Community Health Systems suffered a data breach as a result from an external cyber attack, known as an Advanced Persistent Threat (APT). APTs are sophisticated, long-term attacks usually targeting a specific company or entity. Community Health Systems believes that these may have compromised the personal information of 4.5 million patients. The compromised information includes patient names, birth dates, addresses, telephone numbers, and social security numbers. The information does not include personal medical information or credit card numbers. Community Health Systems is working with a third party security vendor to lessen the effects of the breach, and will notify affected patients and offer identity theft protection services to affected individuals.

Unfortunately, the health sector – which possesses a lot of intellectual property data and personally identifiable information – is a common target for cyber criminals. The Department of Homeland Security is working with the Federal Bureau of Investigation and the Department of Health and Human Services to assist in sharing specific vulnerabilities and mitigations with the healthcare industry to prevent additional breaches from occurring.

Tips for Consumers

If you are a patient with Community Health Systems, look for notification from the company on whether you were affected, and additional information on identity theft protection services.

If you believe you may have been a victim of this data breach or other Internet crimes, US-CERT recommends that you file a complaint with the Federal Bureau of Investigation’s Internet Crime Complaint Center.

Cyber criminals can use personal information, such as the types of information compromised in this attack, to steal people’s identities and access their banking, shopping, social media, and other personal accounts. To protect yourself, practice safe online behavior and follow these cyber hygiene tips from the Department of Homeland Security's Stop.Think.Connect.™ Campaign:

• Choose strong passwords and change them often. A strong password uses a combination of letters, numbers, and symbols (when allowed) and does not include a person’s name or other commonly known information such as their children or pet’s names.
• Do not use the same password for multiple accounts.
• Criminals will often use high profile incidents like this data breach to conduct scams such as fake identity theft services or using personal information to pretend to be a legitimate company. Be aware of possible phishing attempts. If you receive an email prompting you to change your account password claiming to be from your email provider, bank, or another website you frequently make sure the email is legitimate. To be safe, go directly to websites to change your password, and type the link yourself rather than clicking on links embedded in emails. 
• Be on the lookout for other people accessing your personal accounts. Monitor email and social media accounts for suspicious messages or messages appearing from you, but that you did not send. Monitor bank and credit card accounts for unauthorized charges.
• Request a free credit report to ensure no unauthorized accounts have been opened in your name.
• Small and medium sized businesses, such as medical care providers, may have been affected by this breach as well. All businesses, regardless of size, should examine their current cybersecurity practices and work to improve the safety of their data. The Department of Homeland Security has many resources to help businesses assess and improve their cybersecurity. More information can be found via the Department of Homeland Security's Critical Infrastructure Cyber Community (C³) Voluntary Program.

Heartbleed

April 2014

What Does Heartbleed Mean for You?

You may have recently read articles about the Heartbleed bug and how it has the potential to compromise every password you use to access Internet sites. This bug is found in software called OpenSSL, which helps make sure the information you send to web sites is secure. If the Heartbleed bug affected a website where you have to login—such as your email, online banking, online shopping, or social media—then a cyber criminal could have learned your user name and password. That criminal could then use your username and password to log into the same website. (Remember that this is only true if the website has the Heartbleed bug.)

About the Heartbleed Bug

Heartbleed is a vulnerability in the encryption technology that many websites use to protect information, such as names, addresses, passwords, and credit cards numbers. The vulnerability has been found in several websites for email, banking, online shopping, and social networking that use OpenSSL software. The bug can allow someone to obtain data provided over the Internet even if the site appears to be secure, i.e., the URL begins with “https://” or “shttp://". Even if the padlock symbol is displayed in the URL bar, this bug means that the site may still be unsecure. There is a patch for this vulnerability in the OpenSSL encryption software that websites can implement to fix the problem and many websites have already implemented the patch. It is also important to understand that this is a fluid situation and the scope and scale will continue to evolve as we dig deeper into the vulnerability.

Tips for Consumers

Many major websites are telling their users to change their passwords immediately. Other sites have made it clear to users that they were unaffected and that user information is safe.

The Department of Homeland Security’s Stop.Think.Connect.™ Campaign offers these tips to consumers to help protect themselves from Heartbleed and other potential vulnerabilities:

Check to see if websites you frequently use were ever vulnerable to Heartbleed. Many websites are posting this information on their website. Others may proactively reach out with emails (however, be wary of spearphishing scams as noted below). There are also third-party websites that allow you to check on a site’s vulnerability. If you are not sure if a website has taken the appropriate actions or was vulnerable, you may also try contacting their customer service directly.

• Website providers need to take several actions to protect their sites if they were affected. Change your password once you’ve confirmed that those affected websites have taken all the steps necessary to make the website secure. Begin with the sites that contain your most sensitive personal information, such as banking and credit card websites, email, and social media accounts.
• If you re-use the same password for multiple websites, you should change that password at every website, even if that website wasn’t vulnerable. It’s good practice to have a different password for every website. If you did not re-use your password and a website was never vulnerable to Heartbleed, you do not need to change your password for that site.
• Be aware of possible phishing attacks. If you receive an email claiming to be from your email provider, bank, or another website you frequently log onto prompting you to change your password, make sure the email is legitimate. To be safe, go directly to websites to change your password, and type the link yourself rather than clicking on links embedded in emails.
• Closely monitor your credit and accounts for suspicious activity. Keep an eye out for purchases you didn’t make, or messages you didn’t send or post over the next few weeks.
• Ensure websites that require personal information are secure. Whenever a website requires you to provide personal information, such as your credit card or bank account number, make sure the URL begins with “https://” or “shttp://".

The Stop.Think.Connect.™ Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. For more cyber resources and tips, please visit www.dhs.gov/stopthinkconnect.