Anthem Breach – More Info, More Bad News

Brian Krebs, the author of the must-read Krebs on Security Blog, has reported new information about the Anthem breach. Krebs reports two new facts:

  1. The breach actually started in April 2014, not December 10, 2014, as previously reported. Thus, the January 27, 2015, discovery represented a breach of many months instead of a few weeks.
  2. The method of intrusion was spearphishing.

This diagram from Crowdstrike is reproduced on Krebs on Security:

Anthem attack network

Learn more at our new blog.

Advertisements

Comments are closed.