A government report dating back to 2013 highlighted a number of security vulnerabilities at health insurer Wellpoint, since renamed Anthem.
A report by the Office of Personnel Management’s inspector general found that barriers were not in place to stop unauthorized devices from connecting to the Wellpoint network as well as other connection and control issues. According to the report, “several specific servers containing federal data are not subject to routine vulnerability scanning, and we could not obtain evidence indicating that these servers have ever been subject to a vulnerability scan.”
In an interview with the Financial Times, the health insurer was quoted as saying “it had addressed the vast majority of recommendations in the 2013 report.”