Investigators link insurer cyber breach to foreign nation

A foreign government was likely behind a cyber breach of health insurance company Anthem Inc. that compromised more than 78 million consumers' records, investigators said Friday.

The California Department of Insurance said Anthem — the nation's second-largest health insurer — has agreed to make $260 million in improvements to its information security systems.

It will also provide credit protection to consumers whose information was compromised, officials said.

Investigators found with a "significant degree of confidence" that the cyber attacker was acting on behalf of a foreign government, Insurance Commissioner Dave Jones said. He did not identify the government.

"This was one of the largest cyber hacks of an insurance company's customer data," Jones said. "Insurers have an obligation to make sure consumers' health and financial information is protected."

The hackers accessed Social Security numbers, birthdates and employment details for customers — all key ingredients for stealing someone's identity.

The state agency says intruders cracked Anthem's database in February 2014 with a phishing email. Anthem has said hackers evaded multiple layers of security to reach its database.

However, a lawsuit filed by customers who say they were affected by the breach paints Anthem as a ripe target.

It says the insurer allowed wide employee access to its database and didn't train employees on handling phishing emails.

The hackers gained remote access to at least 90 other systems within the Anthem enterprise, including Anthem's data warehouse.

The cyber breach was discovered by Anthem in January 2015. In early February, Anthem and its affiliates announced the company had suffered the breach that included the records of at least 12 million minors.