Anthem breachFollowing the announcement last week of a major attack on healthcare insurance provider Anthem, millions of Americans across the country are waiting for more information to come forth. Time is of the essence in the wake of a major attack like the Anthem breach, but all too often it is discovered that these attacks began long before they are discovered. Unfortunately, that may be the case for this breach as well. Cybersecurity blogger Brian Krebs, who broke the infamous Target hack in Dec. 2013, has reported that data analysis of the Anthem breach suggests the attackers may have gained access to the system in April 2014 — nine months before the intrusion was discovered.

What new evidence has been uncovered in the Anthem breach?

Security experts are working right now to track down the perpetrators of the attack and find out exactly how Anthem’s IT systems were breached. According to Krebs, experts have found that the attack tools and servers used in the breach bear the hallmark of a state-sponsored Chinese espionage group often referred to as “Deep Panda.” Apparently, several domains were registered in April 2014 which mimicked Wellpoint.com — which was Anthem’s name until a corporate name change at the end of 2014. These domains are then used to create phishing sites to trick customers into thinking they’re signing into the legitimate website, when they’re really providing their account information to hackers.

Fortunately for other healthcare providers and insurance companies, a statement released by the Health Information Trust Alliance (HITRUST) says it determined no other health industry organizations were compromised. The attack on Anthem was specifically targeted, rather than part of a larger attempt to infiltrate multiple companies in the U.S. healthcare system.

It’s important for Anthem customers to remain vigilant

Since we still don’t know how the breached information is being used, it’s wise to take the necessary precautions to protect your identity. However, the silver lining is that there’s a chance most people won’t see their information misused as a result of the Anthem breach. If the attack was Chinese state-sponsored, there’s a possibility, Krebs says, that the attackers were looking for information on certain people. Since Anthem provides health insurance for a number of U.S. government employees. Until we know more, it’s best to take any and all measures you can to protect yourself from identity theft.