mead cohen berger shevtsova garfinkle michta grygiel blankenhorn
Cyber Insecurity
You Lose Again

One of the nation’s largest health insurance firms was hacked last week, The Next Web reports:

Anthem, the US’ second-largest health insurer, announced today that it was the victim of a cyber-attack last week, in which its database of about 80 million records — including names, birthdays and social security numbers — was compromised.

Anthem reports that other personal member data like addresses, phone numbers, email addresses and employment information was also stolen. However, the company says that it has no evidence to show that credit card numbers, medical history, diagnosis or treatment data were exposed.

Anthem says it contacted the FBI immediately after it discovered the attack, and has commissioned cybersecurity firm Mandiant to evaluate its systems and identify possible remedies for the situation.

It’s quite possible that the hackers got into Anthem’s systems because of some simple mistake on the firm’s part, or that they exploited user error. Or, it could have been a sophisticated operation. But either way, the hackers are winning. This is why “you” got the top spot in our list of the biggest losers of 2014. This sort of thing is becoming increasingly common, even as more sensitive personal information pours into cloud services and more of our lives move into virtual space.

The hackers are coming. Do we have a plan to stop them?

Features Icon
show comments
  • Andrew Allison

    For the record, the breach did not occur last week; that’s when it was discovered — about a month after it occurred! The fact that it took a month to discover the breach, and that the personal data involved was not encrypted, suggests that the answer to the question is: no, we don’t have a plan! It’s nothing short of criminal negligence.

  • FriendlyGoat

    We can’t necessarily blame corporations for this, but as Willie Sutton said he robbed banks because that’s where the money is kept, so also we have to admit that several types of corporations are where our data is kept—–and what exactly are citizens to do about that?

    • Andrew Allison

      Ask our reprehensatives to make corporations liable for the financial impact on people whose data they store? “Depend upon it, sir, when a man knows he is to be hanged in a fortnight, it concentrates his mind wonderfully.” (Johnson)

      • FriendlyGoat

        A fine idea. Boehner and McConnell will give it their utmost attention, I’m sure, right?

        I do have to compliment you, though, on sounding like a liberal for a minute.

        • Andrew Allison

          I am a liberal in the true sense of the word, not the perverted meaning in which so-called “progressives” use it! Your blind political bias is as boring as the endless repetition of the obvious from JL.

          • FriendlyGoat

            Liberals celebrate and quote from the “Iron Lady”?

          • Andrew Allison

            Facts, despite the so-called “progressive” habit (Orwell would be proud) of manufacturing their own are, as Greece has discovered, facts.

          • FriendlyGoat

            I think Pope Francis has seen as many facts in his life as Margaret Thatcher saw in hers. We choose our world views.

          • Andrew Allison

            You are confused. Pope Francis views the world through a different prism than, e.g. Newton. In case that analogy is beyond you, there’s a difference between religion and science.

          • Andrew Allison

            Yes, not being blinded by ideology, liberals recognize reality when they see it.

  • Anthony

    In generational terms, people’s lives have been subjected to major changes – IT aggregation of personal information. FG is right what is a public to do given its penchant to unquestioningly utilize technological tools facilitating improved surface standard of living – it’s called major social change (in 1980 there was no Internet or cellphone networks).

    • Andrew Allison

      FG is, as usual, wrong. The corporations are to blame because the threat has been well-documented and failure to take such simple steps as encrypting personal data is inexcusable.

      • f1b0nacc1

        Spot on..this debacle is the result of extremely poor IT practice, something that the holders of this data were already well aware of.
        As for it being a corporate problem, the Feds have far more of our personal data in their various databases, and thus are potentially even better targets for hackers. Note that THEY won’t face any potential liability….

      • FriendlyGoat

        Call the Republican Congress and see what legislation you get to fix additional liability on corporations. You seem to be in the wrong party and have no idea why.

        • Andrew Allison

          As usual, your reply has nothing to do with the subject. And (this is a recording, but you seem incapable of grasping the fact), I’m not in a party and know exactly why.

        • Andrew Allison

          As usual, your response is irrelevant. The civil liability of Anthem for not taking obvious precautions is not a matter for Congress, but for your side’s major source of campaign funds, the utterly unscrupulous trial bar. And, since you seem unable to grasp the fact, I repeat that I have no party and understand exactly why.

        • Boritz

          There is this broken record: “The president has said he will veto……” [reference actually useful legislation proposed by the Republican “controlled” (except for filibusters) Congress.]

  • Curious Mayhem

    Moving toward broader and stricter legal liability for information is the only way to ultimately change this situation. It’s rooted in the economics of information.

    Information about all of us is valuable and increasingly so. The business side of many companies recognize this and carefully use information to make decisions and make money. The rest of the organization, however, does not recognize this in any deep way. The reason is that they view this information has having essentially zero cost.

    Yet that is all of our information and, in the first instance, it’s valuable to us. Therefore, we all need to start charging companies for taking and using our information. Then they’ll treat it as a valuable commodity — valuable to others, not just to their business — and start protecting it properly. If they don’t, we can sue or charge them for mishandling something valuable we gave them. Imagine if we lent them some valuable physical items, and they lost them. They have to have insurance to cope with such possibilities, and if they’re negligent or deliberately misuse such items, they’re open to legal liability.

    P.S. This is why so many technology companies today are creating wealth without creating many jobs. Their most valuable input is information, and they’re not paying much for it. We worry about the privacy of our information, yet not about its value, and so we let these information-users take it from us without us being paid anything.

© The American Interest LLC 2005-2016 About Us Masthead Submissions Advertise Customer Service