Companies Aren’t Required by Law to Scramble Records, and Often Don’t
By DANNY YADRON and MELINDA BECK
Anthem Inc. stored the Social Security numbers of 80 million customers without encrypting them, the result of what a person familiar with the matter described as a difficult balancing act between protecting the information and making it useful.
Investigators see links to China as they probe a data breach in which tens of millions of Social Security numbers were taken from Anthem, the second-largest U.S. health insurer.
The probe, which includes teams from the Federal Bureau of Investigation and FireEye, remains in its early stages. Anthem discovered the incident last week. But people close to the investigation say some of the software and techniques used are similar to tools used almost exclusively in attacks linked to China.
The probe, which includes teams from the Federal Bureau of Investigation and FireEye, remains in its early stages. Anthem discovered the incident last week. But people close to the investigation say some of the software and techniques used are similar to tools used almost exclusively in attacks linked to China.