The large-scale cybersecurity attack on Anthem in 2015 that led to 78.8 million consumer records potentially being exposed in a data breach was caused by a foreign nation attacker, according to the California Department of Insurance.

This was all started by a phishing email:

It was also found that the initial breach occurred on  February 18, 2014. A user within one of Anthem's subsidiaries reportedly opened a phishing email containing malicious content. “Opening the email permitted the download of malicious files to the user's computer and allowed hackers to gain remote access to that computer and at least 90 other systems within the Anthem enterprise, including Anthem's data warehouse,” the department explained.

Read the full article from HealthITSecurity