ITS 455 CSU CareFirst Data Breach & Process Mining and the Audit Process Paper



Computer Science

ITS 455

Colorado State University



Option #2: Cybercrime at a Health Insurance Organization 

Cybercrime and information security breaches are a hot topic in the news today. When interacting with organizations, consumers are concerned with the privacy and security of the information they provide. Recent news reports show that serious security breaches, sabotage, and even theft have occurred in both private and government institutions.

Assignment Instructions 

Write a paper analyzing a recent cybercrime or security breach at a health insurance organization as reported by a reputable news source.

Describe the organization's background.

Explain the nature of the cybercrime that occurred.

Describe methods and tools potentially used to investigate the cybercrime, particularly analysis, validation, and acquisition.

Analyze and describe details about the impact of the cybercrime including financial losses, number of individuals affected, and the effect on the reputation of the organization.

Analyze the organization's incident response and if the incident was handled in an appropriate manner.

Your paper must meet the following requirements:

5/6 pages in length, not including the cover page and reference page.

Formatted according to the CSU Global Writing Center. Include an introduction, a body with fully developed paragraphs, and a conclusion.

Be clearly and well written using excellent grammar and style techniques. Be concise. Be logical. You are being graded in part on the quality of your writing. If you need assistance with your writing style, visit the Writing Center, which is also accessible from the Library's homepage.

Support your paper with at least two peer-reviewed, scholarly references. The CSU Global Library is a great place to find these resources.

Refer to the Critical Thinking Rubric below for more information on expectations for this assignment.


Option #1: Process Mining and the Audit Process 

Read the article, “Performing Tests of Internal Controls Using Process Mining” for this assignment and respond accordingly.

Explain what process mining is and how it can be used in the IT audit process.

How does process mining compare to other audit methods? Include audit methods that you learned about during the course.

In your opinion, do you think process mining can eliminate or improve upon some of the audit methods taught in this course—especially in terms of testing internal controls?

Would you recommend using process mining as part of an IT audit? Explain why or why not.


Chiu, T., Brown-Liburd, H., & Vasarhelyi, M. A. (2019). Performing tests of internal controls using process mining. CPA Journal, 89(6), 54.


Explanation & Answer

Attached. Please let me know if you have any questions or need revisions.


CareFirst Data Breach

Institutional Affiliation
Student Name




CareFirst BlueCross is a health insurance company established in the United States that offers several types of coverage. It is an expansive network in the health insurance industry that provides coverage to members moving to other areas in the United States or outside. It provides coverage to young adults under the age of 30. Its main products include dental insurance, health insurance, Medicare plans, and vision insurance. Most of its products are considered data-driven; for instance, its clinical trial data are stored digitally and shared by scientists and other authorized personnel. It shares data among doctors anywhere in the United States and with the hospitals it supports. Coordination among doctors and patients is easy since data sharing is made easy over the network (Moffit & Steffen, 2017).
BlueCross Blue Shield stores various kinds of data related to patients and their health insurance cover plans with such services. It services more than 62 million people in the United States. In 2015, the company announced one of the greatest data breaches in its history. The cyber attacker accessed a single database, which paved the way to information that individuals use to access the website and other online services. CareFirst BlueCross Blue Shield reported no prior attacks on the website; the attacker had access only to a single database involving data about their members. The members use this data to access the CareFirst website (CareFirst, 2015).
The CareFirst cyber-attack report indicated no personal data related to their users was accessed. The company reported that the single database could have been used to access personal information such as names, birth dates, subscriber identification numbers, and email addresses. For security reasons, CareFirst uses names and member-created passwords to access the website; therefore, the breach affected several users, but for the majority of them the information was secure. The accessed database did not contain data on members related to financial information, social security numbers, credit card, medical claims, or their employment history (Goldstein & Abelson,
The passwords were fully encrypted by the CareFirst Security Network and stored on separate databases. Such security measures are essential for cases like this, as attackers will need access to both databases before they penetrate further. This would have been the case if the databases were not separate, and more members could have been affected. The incident occurred in 2015, but more recently, in 2018, as reported by Healthcare IT News, there was another potential breach in which the patient personal data of about 6,800 members was compromised through phishing. This incident occurred due to phishing emails received by an employee.
The data breach in 2015 resulted in tight security at the CareFirst BlueCross BlueShield insurance company. But this did not stop the cyber attackers. The use of separate databases was one of the major security measures that were put in place. Thus, attackers targeting CareFirst are still hunting the organization to gain patient data that is sold in black markets or to commit financial fraud. The phishing incident contained information regarding dates of birth, member identification numbers, and their names. CareFirst's CEO reported that the information would not be of much use to attackers, but security was important for the organization and its members.
In its investigation to determine the breach ...
