FILE - In this Feb. 5, 2015 file photo, the Anthem logo hangs at the health insurer's corporate headquarters in Indianapolis. Insurers aren't required to encrypt consumers' data under a 1990s federal law that remains the foundation for health care privacy in the Internet age _ a striking omission in light of the cyberattack against Anthem, the nation's second-largest health insurer.  (AP Photo/Michael Conroy, File)

FILE - In this Feb. 5, 2015 file photo, the Anthem logo hangs at the health insurer's corporate headquarters in Indianapolis. Insurers aren't required to encrypt consumers' data under a 1990s federal law that remains the foundation for health care ... privacy in the Internet age _ a striking omission in light of the cyberattack against Anthem, the nation's second-largest health insurer. (AP Photo/Michael Conroy, File) (The Associated Press)

Anthem: Hackers compromised 5 workers' credentials, may have been in network since December

Features Associated Press

The hackers who stole millions of health insurance records from Anthem Inc. obtained the credentials of five different employees to try to penetrate the network, and may have been inside the system since December, the company says.

Continue Reading Below

Hackers stole names, social security numbers and other information for up to 80 million Anthem customers. The company has said one of its computer administrators discovered on Jan. 27 that an outsider was using his security credentials to log in to Anthem's system. Investigators now believe the hackers somehow obtained credentials of five different tech workers, possibly through email phishing attempts.

Anthem spokeswoman Kristin Binns said Friday that an attempt on the network was made Dec. 10 that had the same hallmark as the breach discovered last week, but the network's security deflected that attempt. Binns says the data was stolen sometime after that.