Dedicated to the advancement of the State of Indiana by re-affirming our state's constitutional principles that: all people are created equal; no religious test shall be imposed on our public officials and offices of trust; and no special privileges or immunities shall be granted to any class of citizens which are not granted on the same terms to all citizens. Advance Indiana, LLC. Copyright 2005-16. All rights reserved.
Thursday, February 05, 2015
Anthem Data Breach Affects More Than 80 Million
As if Americans needed one more thing to worry about what will be done to screw them every which way to Sunday, the nation's second largest health insurer, Indianapolis-based Anthem, let hackers steal confidential data on more than 80 million customers--the largest ever for a health care company--before they figured out what was happening. The company promises to reach out to every customer whose data was breached and offer credit monitoring service. Some solace, eh?
Subscribe to: Post Comments (Atom)
As a litigator, what are your thoughts with regard to Anthem's liability for this? Doesn't it seem to you that by storing all of this data, Anthem has assumed a duty of care? Further, doesn't it seem that by allowing their security to be breached, Anthem has breached that duty? Do you feel that, to the degree someone can prove up damages arising from this, Anthem should be liable for such damages?
How much is the cyber-security expert witness going to charge? Any plaintiff will need to prove that Anthem fell below the standard duty of care.
By declaring secure receipt & handling of personal information; Anthem asserts a standard & employs people for maintenance of same.
Why would they elect discovery from a cyber-security "expert" after the fact; when that level of expertise should reside within their employ?
If they had been using the free UAQUAS system license this attack would have never succeeded!
UAQUAS not only eliminates passwords, it also examines the IP addresses that connect to a host and ensure that they are connected to an authorized program or a current web session, and if not kills the connections for that IP address and puts it on the black list.
Visit the uaquas.com website to learn more.
I don't know that you would have to hire an expert witness.
Res ipsa loquitor.
Post a Comment