Geisinger Health Plan notifies members of potential vendor email breach
DANVILLE, PA – Geisinger Health Plan has notified certain members that some protected health information (PHI) may have been affected by a security incident at Magellan National Imaging Associates (NIA), a vendor hired by the health plan to manage radiology benefits. Geisinger no longer uses Magellan NIA for radiology benefits.
On July 5, 2019, Magellan discovered that the email account of one of its employees had been sending out large volumes of spam email.
An immediate investigation revealed that several unauthorized mailbox authentications and connections originating from outside the United States had been occurring on this employee’s email account since May 28, 2019. It is believed that the unknown individuals were able to obtain the employee’s email log-in credentials through a phishing attack or other fraudulent means.
Geisinger was alerted to the issue on September 24, 2019.
Magellan believes that the intruder was attempting to access the account solely to send out the spam emails and had no intentions to retrieve or view member data.
However, Geisinger is treating this incident as a breach because it could not be definitively determined if any emails were accessed, viewed, or downloaded.
Magellan has informed Geisinger that it has taken steps to further secure all employee email accounts by disabling certain email protocols on all mailbox accounts, establishing relevant geofencing, and implementing Microsoft’s Password Hash Sync as well as other similar measures. Magellan also determined that none of its other systems experienced any unauthorized access aside from the impacted email accounts.
Magellan provided a list of impacted members on October 3, 2019 and sent letters to notify them of the potential breach on October 18, 2019. The data that may have been exposed could have included their name, patient/client ID, type of service, authorization ID, and diagnosis.
“Geisinger is committed to protecting the privacy of our members,” said Geisinger Chief Privacy Officer John Signorino, JD, MHSA. “We worked closely with Magellan to make sure all affected members were identified and properly notified. Although all evidence points to the fact that the intruders only intended to issue spam emails, in an abundance of caution we are offering all of our affected members complimentary credit monitoring and encourage them to sign up by following the instructions in the letters they received.”
For more addition information, please call Geisinger’s customer care team toll free at 800-686-4613, 8 a.m. to 6 p.m. Monday through Friday, and 8 a.m. to 2 p.m. Saturday.
On July 5, 2019, Magellan discovered that the email account of one of its employees had been sending out large volumes of spam email.
An immediate investigation revealed that several unauthorized mailbox authentications and connections originating from outside the United States had been occurring on this employee’s email account since May 28, 2019. It is believed that the unknown individuals were able to obtain the employee’s email log-in credentials through a phishing attack or other fraudulent means.
Geisinger was alerted to the issue on September 24, 2019.
Magellan believes that the intruder was attempting to access the account solely to send out the spam emails and had no intentions to retrieve or view member data.
However, Geisinger is treating this incident as a breach because it could not be definitively determined if any emails were accessed, viewed, or downloaded.
Magellan has informed Geisinger that it has taken steps to further secure all employee email accounts by disabling certain email protocols on all mailbox accounts, establishing relevant geofencing, and implementing Microsoft’s Password Hash Sync as well as other similar measures. Magellan also determined that none of its other systems experienced any unauthorized access aside from the impacted email accounts.
Magellan provided a list of impacted members on October 3, 2019 and sent letters to notify them of the potential breach on October 18, 2019. The data that may have been exposed could have included their name, patient/client ID, type of service, authorization ID, and diagnosis.
“Geisinger is committed to protecting the privacy of our members,” said Geisinger Chief Privacy Officer John Signorino, JD, MHSA. “We worked closely with Magellan to make sure all affected members were identified and properly notified. Although all evidence points to the fact that the intruders only intended to issue spam emails, in an abundance of caution we are offering all of our affected members complimentary credit monitoring and encourage them to sign up by following the instructions in the letters they received.”
For more addition information, please call Geisinger’s customer care team toll free at 800-686-4613, 8 a.m. to 6 p.m. Monday through Friday, and 8 a.m. to 2 p.m. Saturday.
Content from General Links with modal content