Healthcare giant Magellan Health discloses data breach after ransomware attack

Pierluigi Paganini May 13, 2020

Magellan Health, a for-profit managed health care and insurance firm, was the victim of a ransomware attack.

Magellan Health Inc. is an American for-profit managed health care company, its customers include health plans and other managed care organizations, employers, labor unions, various military and governmental agencies and third-party administrators. The company ranks 417 on the Fortune 500.

Magellan Health Inc announced it was the victim of a ransomware attack that took place on April 11, 2020, the company also confirmed that hackers have stolen personal information from one of its corporate servers.

Magellan Health is a for-profit managed health care and insurance firm that ranks 417 on the Fortune 500 list of the largest US corporations by total revenue.

“Magellan was recently the victim of a criminal ransomware attack. We are writing to let you know how this incident may have affected your personal information and, as a precaution, to provide steps you can take to help
protect your information.” reads the data breach notice issued by the company.

“On April 11, 2020, Magellan discovered it was targeted by a ransomware attack. The unauthorized actor gained access to Magellan’s systems after sending a phishing email on April 6 that impersonated a Magellan client,”

The healthcare giant reported the incident to the US authorities and retained experts from cybersecurity firm Mandiant to help with the investigation into the cyber attack.

As the investigation unveiled, the threat actors behind the ransomware attack were able to steal and exfiltrate “a subset of data from a single Magellan corporate server,” including sensitive personal information.

The investigation revealed that attackers also exfiltrated a subset of data from a single corporate server, included some personal information.

“In limited instances, and only with respect to certain current employees, the unauthorized actor also used a piece of malware designed to steal login credentials and passwords,” continues the notice.

“The exfiltrated records include personal information such as name, address, employee ID number, and W-2 or 1099 details such as Social Security number or Taxpayer ID number and, in limited circumstances, may also include usernames and passwords.”

The company is not aware of any misuse of personal information stolen during the attack.

It is not the first time that Magellan and its subsidiaries suffer a data breach, in 2019 Magellan Rx Management, National Imaging Associates, and Magellan Healthcare subsidiaries were impacted by cyber attacks.

“As an added precaution, to help protect your identity, we are offering a complimentary threeyear membership of Experian’s® IdentityWorksSM. This product provides you with superior identity detection
and resolution of identity theft.” concludes the company.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Magellan, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment