US probes massive data breach at health insurer Anthem

Several states are investigating a cyberattack on a leading U.S. health insurer for possible ties to China, according to an official familiar with the matter.

Anthem Inc., the country's second-largest insurer, disclosed the attack late Wednesday, saying unknown hackers had penetrated a database with some 80 million records.

The insurer said it suspected hackers had stolen information — social security numbers, birth dates and e-mail addresses — belonging to tens of millions of current and former customers as well as employees.

The Anthem breach follows similar cyberattacks that have stolen private data from hundreds of millions of Americans, including attacks aimed at Target, JPMorgan Chase and Home Depot. The hacking of Sony Pictures prompted President Barack Obama to promise action against North Korea, which was implicated in the breach.

Information stolen by hackers could be used for "phishing" attacks in which customers are tricked into providing access to their companies' networks, Bloomberg reported.

A U.S. official said investigations are underway to determine whether foreign interests are using "personal, financial or medical information as leverage to gain intelligence from people who want their information to stay private," the report added.

Attorneys generals of Connecticut, Illinois, Massachusetts, Arkansas and North Carolina are looking into the Anthem breach, according to representatives of their offices and internal documents. California's Department of Insurance said it will review Anthem's response to the data attack.

Connecticut Attorney General George Jepsen asked Anthem Chief Executive Joseph Swedish to provide detailed information about the cyberattack, the company's security practices and privacy policies by March 4.

"We hope and expect to work in close coordination with other attorneys general," said Jaclyn Falkowski, a spokeswoman for Jepsen.

A source familiar with the probe said that a possible connection to China was being investigated, and the Wall Street Journal reported that people close to the investigation say some tools and techniques used against Anthem were similar to ones used in previous attacks linked to China.

The origin of cyberattacks is difficult to determine, China's Foreign Ministry spokesman, Hong Lei, said on Friday. "Such careless identification of the relevant attacker clearly is unreasonable," Hong told a news briefing in Beijing.

Late on Wednesday, the FBI said it was looking into the matter but did not discuss suspects.

"As far as China being involved, I don't know," said FBI spokesman Paul Bresson. "I don't think we know yet. Our investigation is ongoing."

On Friday, Anthem officials are scheduled to brief the House Energy and Commerce Committee on the breach.

"This latest intrusion into patients' personal information underscores the increasing magnitude and evolving nature of cyber crimes," Fred Upton, the committee's chairman, said in a statement. "Every business is at risk and American consumers are anxious."

Obama's cybersecurity adviser, Michael Daniel, speaking at a seminar in Washington, called the data breach "quite concerning" and warned consumers to change their passwords and monitor their credit scores.

A representative with network security company FireEye Inc, which was investigating the attack on behalf of Anthem, declined comment.

Al Jazeera and Reuters