On October 15, 2021, Anthem, Inc. suffered a data breach stemming from a ransomware attack on its third-party vendor, PracticeMax. The incident involved unauthorized access to the network between **April 17, 2021, and May 5, 2021**, leading to the potential compromise of sensitive patient data. The exposed information included **names, dates of birth, addresses, phone numbers, Anthem member IDs, and clinical records related to kidney care services**. The breach posed significant risks to patient privacy, financial security, and healthcare continuity, as the leaked data could facilitate identity theft, targeted phishing, or fraudulent medical claims. While the attack was contained, the exposure of **protected health information (PHI)**—especially clinical data—heightened concerns over compliance violations (e.g., HIPAA) and long-term reputational damage. The incident underscored vulnerabilities in third-party vendor security and the cascading impact of ransomware on healthcare ecosystems.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-546499
TPRM report: https://www.rankiteo.com/company/antheminc
"id": "ant1006091725",
"linkid": "antheminc",
"type": "Ransomware",
"date": "4/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'healthcare',
'location': 'United States (California)',
'name': 'Anthem, Inc.',
'type': 'healthcare insurance provider'},
{'industry': 'healthcare IT',
'name': 'PracticeMax',
'type': 'third-party service provider'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'high (PII and PHI)',
'type_of_data_compromised': ['names',
'dates of birth',
'addresses',
'phone numbers',
'Anthem member IDs',
'clinical data (kidney care '
'services)']},
'date_detected': '2021-10-15',
'date_publicly_disclosed': '2021-10-15',
'description': 'On October 15, 2021, the California Office of the Attorney '
'General reported a data breach involving Anthem, Inc. The '
'breach occurred when the PracticeMax network experienced a '
'ransomware attack, with unauthorized access starting on April '
'17, 2021, and ending on May 5, 2021. The potentially '
'compromised information includes names, dates of birth, '
'addresses, phone numbers, Anthem member IDs, and clinical '
'data regarding kidney care services.',
'impact': {'data_compromised': True, 'identity_theft_risk': True},
'initial_access_broker': {'high_value_targets': ['Anthem member data',
'clinical records'],
'reconnaissance_period': {'end': '2021-05-05',
'start': '2021-04-17'}},
'ransomware': {'data_encryption': True, 'data_exfiltration': True},
'references': [{'date_accessed': '2021-10-15',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (likely)',
'California Consumer '
'Privacy Act (CCPA)'],
'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': 'Anthem, Inc. Data Breach via PracticeMax Ransomware Attack',
'type': ['data breach', 'ransomware attack']}