States Investigate Massive Breach At Health Insurer Anthem

NEW YORK (Reuters) -

Several U.S. states are investigating a massive cyberattack on No. 2 U.S. health insurer Anthem Inc that is being looked at for possible ties to China, according to a source familiar with the probe.

Connecticut Attorney General George Jepsen asked Anthem Chief Executive Joseph Swedish to provide by March 4 detailed information about the cyberattack, the company’s security practices and privacy policies, according to a letter obtained by Reuters on Thursday.

“We hope and expect to work in close coordination with other attorneys general,” said Jaclyn Falkowski, a spokeswoman for Jepsen.

Anthem disclosed the attack late Wednesday, saying unknown hackers had penetrated a database with some 80 million records. The insurer said it suspected they had stolen information belonging to tens of millions current and former customers as well as employees.

The attorneys general of Illinois, Massachusetts and North Carolina are also looking into the breach, according to representatives of their offices.

Connecticut has worked with other states to investigate some of the biggest U.S. data breaches reported to date, including ones at retailers Target Corp and Home Depot Inc.

Bloomberg News and The Wall Street Journal reported on Thursday that investigators had uncovered evidence that Chinese state-sponsored hackers were behind the attack, citing unnamed sources.

A source familiar with the probe told Reuters that a connection to China was being looked at.

The Wall Street Journal said that people close to the investigation say some tools and techniques are used against Anthem were similar to ones used in previous attacks linked to China.