In the wake of an April ransomware attack, Fortune 500 healthcare company Magellan Health announced that a hacker exfiltrated customer data.
The ransomware attack was first detected by Magellan Health April 11, 2020, and was traced back to a phishing email that had been sent and opened five days earlier. Subsequent investigation revealed that customer data had been exfiltrated prior to the deployment of the ransomware.
“The exfiltrated records include personal information such as name, address, employee ID number, and W-2 or 1099 details such as Social Security number or Taxpayer ID number and, in limited circumstances, may also include usernames and passwords,” stated the company in a letter sent to affected individuals.
This incident comes months after the company announced several of its subsidiaries had been targeted by phishing attacks that resulted in the compromise of the health information of more than 55,000 members.