News about a second breach at Indianapolis-based health insurer Anthem Inc. comes as information continues to suggest many businesses simply not prepared for the elevated risks presented by new cybercriminal activity.

Anthem recently discovered that 18,580 of its Medicare members may have been victims of identity theft, after its third-party services vendor LaunchPoint Ventures discovered one of its employees purportedly engaged in identity theft activities by emailing the Anthem file to a personal account.

The Anthem file comprised Medicare ID numbers, which also included social security numbers, health plan ID numbers, Medicare contract numbers, dates of enrollment, and, in some cases, member last names and birthdates.

Recommended For You

This is the second major data breach for Anthem in two years. In February 2015 hackers accessed a corporate database, which contained the PII of nearly 80 million people. It included a list of current and former U.S. customers and employees, and personal information such as birthdays, medical IDs, Social Security numbers, street and email addresses and employment information, including income data. Recently, the health insurer agreed to a $115 million settlement to resolve a class-action lawsuit over that initial breach.

Last year, Cybersecurity Ventures predicted global annual cybercrime costs will grow to $6 trillion annually by 2021, which includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm. Cybersecurity Ventures also predicted global ransomware damage costs to exceed $5 billion in 2017, which is a significant upsurge from the $325 million in 2015.

Nevertheless, many U.S. businesses are not taking measures to protect sensitive data, intellectual property, or trade secrets, leaving them compromised. According to Ernst & Young's "19th Global Information Security Survey 2016-17," only 22% of 1,735 global executives, information security managers and IT leaders surveyed fully consider information security in their strategy and planning. Additionally, 89% failed to evaluate the financial impact of every data breach and 49% had no idea what financial damage it caused.

The Parsippany, N.J. based Infrastructure management services firm Micro Strategies claimed this hyperconnected and data driven business landscape created an attractive target for hackers to infiltrate. Connected devices, cloud computing, big data, mobile technologies and remote working practices are digital trends openly exploited by hackers who are becoming smarter and more sophisticated.

"Business leaders need to be well versed in both the opportunities and threats of the new digital business landscape," Tony Trama, director of security solutions at Micro Strategies, commented. He added, "Prevention is better than the cure, so business leaders need to ensure they optimize their security programs to manage risk rather than simply focusing on compliance. They need to realize there are no magic bullets when it comes to protecting against advanced threats, that they need to identify and protect their critical assets, and of course, that they'll need to up their game when it comes to protecting cloud and mobile."

NOT FOR REPRINT

© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).