Last Friday (Nov. 08, 2019), Magellan Health Inc, a for-profit managed health care company in Florida that prides itself for servicing the healthcare needs of special populations by harnessing technology, has reported that breaches in its computer system occurred last May 28 and June 06, 2019.
The data breach was said to have exposed the personal details of Florida Blue members whose health insurance (BlueCross and BlueShield) policies cover the health care being managed by Magellan Health. The number of Florida Blue accounts affected is estimated to be less than one (1) percent of Florida Blue’s over 5 million policyholders.
Nonetheless, Florida Blue issued a statement to assure their insurance policy holders that the company is closely coordinating with Magellan Health in providing identity theft and credit monitoring apps, to further strengthen the protection of their personal information.
Although Florida Blue believes that the data breach did not compromise the account of their policyholders, they are taking extra precautions because the insurance company takes data breaches very seriously.
Aside from special populations, Magellan Health Inc, also manages specialty areas of health care and health plans of employers, military and other government agencies, labor unions, third-party administrators and different managed-care organizations. In 2018, the company ranked 475 on the Fortune 500 roster.
How Magellan Health Inc. System was Breached
The hacking incidents were said to have been carried out by way of two phishing attacks sent to emails of two Magellan Health employees. Unfortunately, the employees enabled the malware, which compromised members’ personal information, such as names, date of birth and medical prescriptions.
Investigators of the data breach said they did not find evidence that the unauthorized third party, used the data for other purposes; except for sending spam email to those whose account information were exposed. Albeit presumed as an isolated incident, Magellan Health Inc. said they have notified the affected members. The for-profit company is also providing affected customers with anti identity-theft and credit monitoring apps.