Early in its investigation of a major cyber attack, health insurer Anthem shared much of what it knew with other health industry stakeholders, all of whom participate in the HITRUST Cyber Threat Intelligence and Incident Coordination Center, or HITRUST C3.

By sharing data that indicated compromises, such as MD5 hashes, IP addresses and threat actor email addresses, other stakeholders were able to help Anthem quickly determine that the attack was specific to the insurer and not also targeting other organizations in the industry.

“Upon further investigation and analysis, it is believed to be a targeted advanced persistent threat actor,” according to a statement from HITRUST, a health industry security consortium. “With that information, HITRUST determined it was not necessary to issue a broad industry alert.”

HITRUST offers a range of security services and platforms to aid stakeholders in collaborating to better secure protected health information. In addition to C3, these services include free monthly healthcare cyber threat briefings in collaboration with the Department of Health and Human Services, the Common Security Framework of best practices, and the conducting of mock cyber attack exercises to assess how well organizations recognize an attack and respond to it. More than 700 stakeholders have participated in the mock attacks.

Additional information is available here.

This story first appeared on the Health Data Management web site.

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access