Healthcare giant Magellan Health Suffers Ransomware Attack Delivered Via Phishing Email
Magellan Healthcare reports the company is the victim of a ransomware attack. According to a notice from Magellan, the cyber attack was discovered on April 11. Malware was sent in an email phishing campaign that impersonated a Magellan client on April 6. The ransomware attack began five days later. Hackers exfiltrated certain confidential company and personal information from a corporate server before encrypting files with ransomware.
Data Stolen from The Magellan Ransomware Attack
According to Magellan, the hackers stole login credentials and passwords from some current employees.
- Employee ID number
- Details from IRS W-2 Tax forms like Social Security number
- Details from 1099 Tax Forms like Taxpayer ID numbers
- Some Usernames and Passwords
According to a Magellan spokesperson: “In limited instances, and only with respect to certain current employees, the unauthorized actor also used a piece of malware designed to steal login credentials and passwords.”
The ransomware attack also caused a network systems outage.
Magellan Health Inc., is a US Fortune 500 managed health care and insurance firm.
So far, Magellan reports that they are unaware of any fraud or misuse of the stolen data. The company did not identify how many people were affected by the data breach. Three years of identity theft protection is being offered to those who were impacted by the malware attack.
Victims of data breaches have several remedies to prevent identity and financial theft. All US service personnel are entitled to limited credit monitoring services as long as they are on active duty. For more robust credit protection or after transitioning to civilian life, service personnel can enroll in credit monitoring and identity theft protection services. Everyone is entitled to one free credit report every year from each of the three major credit reporting bureaus – Experian, Equifax, and TransUnion. If you are denied credit for any reason, you can also obtain a free credit report.
Always monitor your credit cards, bank accounts, or other financial accounts for fraudulent transactions.
Magellan has contracted with third-party cyber security forensics firm Mandiant and reported the attack the US Federal Bureau of Investigations (FBI) The company notice stated that Magellan, “implemented additional security protocols designed to protect our network, email environment, systems, and personal information.”
This is not the first successful cyber attack on Magellan. Last year the company was also compromised. Hackers compromised email accounts on multiple dates exposing sensitive members and provider information.