14 Feb 2020
However advanced cybercriminal tactics become, there will always be those who prefer to play it old-school—and sometimes the oldest, most reliable strategies are the ones you’re least prepared for. A recent attack on a health plan organization consisted of two phishing incidents, affecting two different subsidiaries of managed care company Magellan Health. Earlier this year, the Albuquerque, New Mexico-based Presbyterian Health Plan had also reported a larger phishing campaign, although the attacks did not appear to be related. Additionally, neither of the two companies discovered evidence that their data was stolen. They were, however, concerned that member protected information had been exposed through an email scam, and Presbyterian reported potentially 183,400 individuals affected, as well as information exposed that included birth dates, Social Security numbers, and health plan information.
Once More…In September, Magellan Health headquarters in Scottsdale, Arizona reported two of its subsidiaries discovered a potential data breach that threatened protected information belonging to members of Presbyterian Health Plan. The breach was initiated by an anonymous, unauthorized entity gained access to the email accounts of employees who handle member data for Presbyterian. Magellan believed the exposed data could have included the names of health plan members, dates of birth, member IDs, provider names, health benefit authorization information, dates of service, and billing codes. A smaller number of Social Security numbers were also at risk. However, apart from the member information, Magellan found no evidence of compromise or intrusion into any other systems. Not long before, Presbyterian had reported a separate phishing incident that had managed to gain access to employee accounts with a malicious email. As soon as they became aware of the breach, their statement notes, they secured the email accounts affected, began to review the impacted emails, and alerted federal law enforcement.
… Into the BreachWhen the going gets tough, your organization needs immediate solutions on call. Our Red Team Assessment prepares you for scenarios rare and common alike with a comprehensive risk evaluation and testing against cutting-edge attack methods, including:
- Penetration Testing (internal and external)
- Social Engineering/Phishing Attacks (by phone, email, and in-person; we take this to the next level by attempting an actual breach of your network)
- Physical Access (perimeter sweep, building access, secure interior room access)
- Black Box (planting rogue remote-access devices in the production network)
- Secure Document Disposal (secure/common waste disposal, dumpster inspection)
- Wireless (forged authentication, encryption testing, device spoofing)