Anthem
A nation-state attack that started with one phishing email and ended with 78.8 million complete identity profiles.
What happened?
Chinese state-sponsored hackers known as Deep Panda compromised Anthem's enterprise data warehouse starting in early 2014, using a phishing email to gain initial access. By December 2014, they had exfiltrated 78.8 million records. Anthem didn't discover the breach until January 2015.
What data was actually inside?
Names, dates of birth, Social Security numbers, healthcare ID numbers, home addresses, email addresses, phone numbers, employment information, and income data.
Medical history and claims data were not in the compromised warehouse—a rare piece of good news in an otherwise catastrophic breach.
Who gets hurt and how?
78.8 million current and former Anthem members and employees.
Social Security numbers paired with income data and employment history are everything needed for tax fraud, synthetic identity creation, and financial account takeover. Victims are still dealing with the fallout a decade later.
What did they think they were doing right?
Anthem was a Fortune 500 company with enterprise security. They had firewalls, intrusion detection, and compliance certifications. They trusted their employee security awareness training.
What did they not know about their own data?
They didn't know that their enterprise data warehouse—a single system—held 78.8 million complete identity profiles.
They didn't know attackers had compromised 50 accounts and 90 systems. They didn't know someone had been inside their network for nearly a year.
What does attribution look like the morning after?
Anthem faced class-action lawsuits resulting in a $115 million settlement.
HHS levied what was then the largest data breach fine ever: $16 million. Seven state insurance commissioners investigated. Total estimated cost: approximately $260 million.
It took months to notify all 78.8 million victims.
What would have changed the outcome?
Knowing what you have before someone else finds it first.
If Anthem had understood that a single data warehouse contained complete identity profiles for 78.8 million people, they might have protected it differently—or not aggregated that data in the first place.
Don't Learn What You Have From an Attacker
Anthem didn't know their data warehouse held 78.8 million identity profiles until Deep Panda showed them. Risk Finder shows you first.