Presbyterian Health Plan alerts 56,000 patients of phishing attack

Albuquerque, N.M.-based Presbyterian Health Plan was notified by its managed care company vendor Magellan Health that more than 56,000 patients may have had their protected health information exposed in a phishing attack, according to the HIPAA Journal.

Magellan Health discovered in July that employees at two of its subsidiaries, National Imaging Associates and Magellan Healthcare, had fallen victim to phishing attacks. The phishing attack at National Imaging Associates affected 589 Presbyterian Health Plan members, while the attack on Magellan Healthcare impacted 55,637 patients.

Patient data stored on the email accounts included names, dates of birth, member numbers, provider names, health benefit authorization information, dates of service and billing codes. A limited number of Social Security numbers also may have been exposed.

Upon investigation, Magellan Health determined that the attackers hacked the email accounts to distribute spam email, reports the HIPAA Journal. The managed care company said there is no evidence that patient information has been misused.

Since the incident, Magellan Health has adopted additional authentication processes and email security has been enhanced. Additionally, the company improved its employee security awareness training.

More articles on cybersecurity:
Health tech leaders release privacy guidelines for consumer health data
Moody's: Healthcare cyberattacks on the rise, small hospitals most vulnerable
The role of security in digital healthcare delivery and why it's a core focus for Hackensack Meridian Health in 2020

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Webinars

Featured Whitepapers