Ransomware, Data Breach Follow Phishing Attack at Magellan Health

The healthcare company has informed affected employees of a data breach on a single corporate server.



Magellan Health, a Fortune 500 healthcare company, has begun notifying some employees that their personally identifiable information (PII) was compromised as the result of a phishing attack that also served as a prelude to a ransomware attack.

According to the notification to affected employees, a single server was compromised by the data breach, and only "certain current employees" had data exfiltrated. For those employees, the lost data was extensive.

"The exfiltrated records include personal information such as name, address, employee ID number, and W-2 or 1099 details such as Social Security number or Taxpayer ID number and, in limited circumstances, may also include usernames and passwords," the notice states.

Magellan Health is working with Mandiant and law enforcement agencies to investigate the breach. The company says it has instituted new security protocols in the wake of the incident and is providing one year of credit monitoring to affected employees. No information on the number of victims was provided.

Read more here.

 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really  bad day" in cybersecurity. Click for more information and to register
Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service