Awareness : Newsletter Articles

The Cost of a Data Breach – Anthem Pays $115 Million to Settle

Anthem Inc, the largest health insurance company in the nation, has agreed to settle litigation in what is said to be the largest settlement ever for a data breach. The breach, which occurred in 2015, compromised the personal information of about 79 million current and former customers of Anthem and of other insurers affiliated with Anthem through the Blue Cross Blue Shield Association. The settlement is still pending approval by the district judge and will be used to pay for two years of credit monitoring for people affected by the incident.

Using a stolen password, a hacker was able to access a database containing personal information, including names, dates of birth, physical and email addresses, medical IDs, Social Security numbers, employment and income information. The breach is one of a series of high-profile data breaches that resulted in losses of hundreds of millions of dollars to large US companies in recent years and highlights the importance of password security.

Passwords remain the most vulnerable entry-point to our information technology systems. Here are essential reminders for creating and storing passwords:

  • Keep your password a secret and do not share your account with anyone else – don’t be held responsible for another person’s actions.
  • Passwords should not be written down or left where they are easily accessible.
  • Do not use the same password for everything.
  • Utilize two-factor authentication as a second level of protection whenever possible.
  • Change your password regularly.  Passwords to University systems are required to be changed every 90 days, at minimum. Some systems may require more frequent changes.
  • When Creating a Password: Use letters and numbers, intentionally misspell words, combine words or use phrases, use upper and lower case characters, use at least 7 characters and use special characters such as #, !, ?
  • Never use familiar names, personal information or easily guessed passwords such as “password” or sequences “12345”

If you suspect your password is compromised, change it immediately and call UMIT at 305-243-5999.