The infiltration by hackers was attributed to which type of vulnerability?

Anthem server breaches disclosed Personally Identifiable Information (PII) from a number of its servers.

The infiltration by hackers was attributed to which type of vulnerability?
A . an intranet-accessed contractor’s system that was compromised
B . exploitation of an unpatched security vulnerability
C . access by using a third-party vendor’s password
D . a phishing scheme that captured a database administrator’s password

View Answer

Answer: D

Explanation:

The Anthem data breach of 2015 was caused by a phishing scheme that captured a database administrator’s password. According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), hackers sent phishing emails to an Anthem subsidiary. At least one employee responded. Attackers were able to plant malware on the company’s system and gain remote access to confidential information1. The breach exposed the electronic protected health information of almost 79 million people, including names, Social Security numbers, medical identification numbers, addresses, dates of birth, email addresses, and employment information2.

Reference: Anthem Pays OCR $16 Million in Record HIPAA Settlement Following Largest U.S. Health Data Breach How Anthem Data Breach Exposed Personnel Records – IDStrong