Security experts from STEALTHbits and Tripwire on Premera Blue Cross Breach

By   ISBuzz Team
Writer , Information Security Buzz | Mar 23, 2015 05:05 pm PST

Responding to news of health insurer Premera Blue Cross data breach, exposing the financial and health records of 11 million customers. Here to comment on this news are two Industry experts: Jonathan Sander, strategy & research officer, STEALTHbits Technologies and Tim Erlin, director of product management, IT security and risk strategy at Tripwire.

Jonathan Sander, strategy & research officer, STEALTHbits Technologies, Inc. (, @sanderiam:

Following the Anthem breach, we now have another health care breach at Premera, which makes sense since the black market value of medical records is so high. Medical records are rich in information that can be used for very profitable health care fraud as well as all the traditional scams that stolen data has powered. What’s particularly interesting is that the wave of phishing attacks that followed the Anthem breach has taught Premera a lesson. Premera is stressing that their customers should not reply to emails or open attachments that come from people contacting them about the breach. We’ve seen the birth of a whole new kind of attack that leverages the headlines about breaches to attempt even more breaches in their wake.

Tim Erlin, director of product management, IT security and risk strategy at Tripwire (, @terlin :

When the Anthem breach hit, many in the security industry were well aware they were not alone. Organized criminal syndicates targeting this type of data don’t target one organization, they target an entire industry. Many of the vulnerabilities or security lapses found in one organization are likely to appear in multiple organizations in that same industry. The Premera breach could be much worse for those who are victims as it includes not just information to commit credit fraud, but also medical fraud and potentially sensitive information about medical conditions.

The fact the breach went undiscovered for seven months indicates that the institution did not have proper detective controls in place to identify an attacker was inside the network. The fact both Anthem and Premera discovered the breaches on the same day indicates to me that it was law enforcement that tipped them off to the data being compromised and believe we will see other organizations that were also breached during this timeframe.

About Tripwire

is198Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced Tripwire® Enterprise™ version 8.3 featuring a new, stand-alone Policy Manager™. Tripwire Policy Manager provides the detailed visibility into system configurations critical to minimizing security risks and ensuring compliance.