[CentOS] anthem details

Fri Feb 6 14:40:41 UTC 2015
mshinn <monty.shinn.gm at gmail.com>


On 02/06/2015 08:17 AM, Chris Wensink wrote:
> Hello Everyone,
>
> Does anyone have any more detail about what kind of system Anthem / Blue
> Cross was running and what kind of attack broke into their system?
>
> It's terrible that it happened, but I think it would benefit all Admins
> everywhere to learn how it happened so that we can secure our systems
> from a similar breach of information.
>
> Anyone know?
>
> Chris
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

I recommend reading up on kreb's site:

http://krebsonsecurity.com/2015/02/china-to-blame-in-anthem-hack/

Not sure the "hack" was an issue with their platforms per se.

"
“On January 27, 2015, an Anthem associate, a database administrator, 
discovered suspicious activity – a database query running using the 
associate’s logon information. He had not initiated the query and 
immediately stopped the query and alerted Anthem’s Information Security 
department. It was also discovered the logon information for additional 
database administrators had been compromised.
”

SANS is a good resource as well.

I'm no security expert by any means, so ymmv.

Regards,

Monty