Anthem Will Pay Record $115M to Settle Data Breach Lawsuits

Anthem Inc has agreed to settle lawsuits over a 2015 hacking and data breach for a record $115 million USD, the largest settlement ever paid for a data breach.

Though the deal has been announced by lawyers for those affected by the data breach, it is still awaiting approval from U.S. District Judge Lucy Koh in San Jose, California, who is presiding over the case.

The settlement money will be used to provide two years of credit monitoring for each plaintiff affected by the breach or can be paid out in cash, at roughly $50 per person.

That credit monitoring is to be offered in addition to the two years of credit monitoring Anthem previously offered victims when it announced the breach in February 2015, according to Anthem spokeswoman Jill Becher.

“We are very satisfied that the settlement is a great result for those affected and look forward to working through the settlement approval process,” Andrew Friedman, a lawyer for the victims, said in a statement.

[ Five Tools to Consider for Healthcare Identity and Access Management ]

In February 2015, Anthem, at the time the second-largest health insurer in the U.S., revealed that its customer database had been breached. Stolen data included names, addresses, dates of birth, Social Security numbers and employment histories and as many as 80 million current and former customers’ records were thought to be compromised.

Investigators believe hackers gained access to Anthem’s network via a watering-hole attack that obtained an administrator’s login credentials. The breach went undetected for nine months after the hackers first gained access to the network, until a systems administrator that an account had been querying internal databases without the account holder’s knowledge.

Many experts believe the hack was the work of Deep Panda, a group known for breaking into technology, aerospace and energy firms as well as another health insurer, Premera, whose data breach was discovered on the same day as Anthem’s.

Learn about the Anthem Breach and more in our Top 10 Most Disastrous Data Breaches Video:

Follow Jeff

Jeff Edwards

Editor, Cybersecurity at Solutions Review
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff