Anthem To Pay Nearly $40 Million To Settle Data Breach Probe

(Reuters) – Anthem Inc said on Wednesday it would pay $39.5 million as part of a settlement with U.S. states attorneys general following an investigation into a massive cyber-attack at the company in 2015.

The second largest U.S. health insurer said a state sponsored criminal group had perpetrated the attack, adding that it does not believe the company had violated the law in connection with its data security.

Anthem said it has also undertaken commitments that align with its ongoing focus on protecting information.

In February 2015, several U.S. states began a probe after the company disclosed that unknown hackers had penetrated a database with some 80 million records.

Anthem had said it suspected the hackers had stolen information belonging to tens of millions of current and former customers as well as employees.

The investigation by the FBI and security organization FireEye Inc did not find any evidence that information obtained through the cyber-attack has resulted in fraud, the company said on Wednesday.

Reporting by Dania Nadeem in Bengaluru; Editing by Shailesh Kuber