Aetna‘s motto is “We would like to know”…
a) about security
b) how they got in
c) damage control 101
or
d) why these kids are on my lawn.
From Softpedia:
Aetna, one of the largest health care benefit companies in the U.S., alerted around 65,000 current and former employees that their Social Security Numbers might have been stolen by hackers. The breach occurred on the company’s job application website, which was being maintained by a partner.
A few weeks ago, the insurance firm started receiving complaints from numerous people regarding spam e-mails sent in its name. The messages were actually part of a phishing campaign and claimed to be responses to job applications. The targeted individuals were being asked to provide additional personal information.
Oops. This happens so often for major corporations that it has become a sad joke. My curiousity would be if employees could be compromised this easily what security is in place around client data? Apparently there are roughly 450,000 users registered on the site. “Could have been worse” is a phrase that was said to me but, does that make it better?
Oh, and did I ever mention how much I enjoy the spin?
The company is fairly certain that at least e-mails have been stolen, but has no evidence regarding the SSNs yet.
Ugh.