The Anthem hackers collected the credentials of five different employees while seeking to penetrate the company’s computer network, and they may have been inside the system since December.
Investigators now believe the hackers somehow compromised the credentials of five different tech workers, possibly through a phishing campaign that could have tricked a worker into unknowingly revealing a password or downloading malicious software.
The company also confirmed Friday that it found that unauthorised data queries with similar hallmarks started as early as December 10th and continued sporadically until January 27th. Attempts may also have been made earlier in 2014, said Kristin Binns, a spokeswoman for the company Anthem, the nation’s second-largest health insurer.
FULL STORY