Anthem Inc. was the target of a very sophisticated external cyber attack, CEO Joseph R. Swedish said in a statement. A database administrator discovered his credentials being used to run a questionable query a query he didn’t initiate. The breach wasn’t fully understood, but there’s a good chance that a majority of the 80 million records contained in the compromised database were exposed. The fastest way to obtain credentials is to ask for them, which is exactly what Phishing does in most cases. The difference between a passive attack that uses Phishing and what happened at Anthem is persistence.”]
Source: https://www.csoonline.com/article/2881532/anthem-how-does-a-breach-like-this-happen.html