The Anthem data breach is one of the most famous data breaches of all time. It took place in 2015 and nearly 79 million people’s personal information was compromised and it spanned across multiple Anthem brands – Anthem Blue Cross, Amerigroup, Empire Blue Cross and Blue Shield, and others.
It all started with a single employee at one of Anthem’s subsidiary companies opening and responding to a phishing attack. The employee ended up granting the attacker remote access. The attacker was able to get the credentials of five IT workers and the rest is history.
Cost of the breach
As we’ve written about before, 91% of all cyber attacks are phishing attacks. Because the attacker was able to successfully phish a single employee in the Anthem ecosystem, it has cost Anthem nearly $400 million. From bringing in consultants, improving security, providing credit protection, and a legal settlement, this breach has had a major financial impact to Anthem for years. The latest fine is $16 million they will pay the U.S. government to settle potential privacy violations.
Don’t let your organization be the next victim
Phishing is the number one form of cyber attacks and with nearly 1.4 million (46,000 / daily) new phishing sites created each month, attackers are bound to have a successful phish. Implementing DMARC or phishing training simply isn’t enough. Even secure email gateways aren’t able to stop these phishing attacks in real time. How do we know this? We see it on a daily basis with our customers. They have DMARC, phishing training, and even SEGs implemented yet attacks are still reaching the inboxes of their employees every single day. We can’t stress how important this is. As we learned from Anthem, it only takes one employee to click on or respond to an attack to have a massive impact to an organization.
For small and medium sized businesses, this has an even bigger effect on their business. Anthem is a large enterprise and while they are paying millions because of this phishing attack, they (for the most part) have the financial backing to do so. For small and medium size businesses, a cyber attack can be detrimental. According to the National Cyber Security Alliance, as much as 60% of small and medium sized businesses that experienced an attack go out of business within six months.
Using our patented AI technology, the TrustGraph®, Graphus protects against phishing, spear phishing, and business email compromise (BEC) attacks that evade other email security technologies. Graphus does this in a simple, powerful, and highly automated way that reduces the workflow for IT and security staff.