Magellan Health, a Phoenix-based managed care company, confirmed that a hacker gained access to its information systems in April through an email phishing incident.
Magellan Health said that the hacker got into the systems on April 6 after sending a phishing email impersonating a client, according to the company's May 12 notice. The hacker accessed one corporate server that included personal information including names, Social Security numbers, tax details and addresses of clients. The hacker also used a malware to steal password information, according to the report.
"Unfortunately, these sorts of attacks are increasingly common," a Magellan spokesperson told Fox Business. "We take the safety, security and reliability of our operations and services with the utmost seriousness. We have taken a number of additional measures to further strengthen our security policies and protocols. We are aggressively investigating this matter and will continue to provide updates to those impacted as the investigation continues."
Magellan Health said it is not aware that any personal information exposed has been misused as a result of the incident. The company, which reported first-quarter 2020 revenue of almost $2 billion this week, said it is providing identity-theft protection for individuals affected by the incident.