In 2020, Magellan Health encountered a security breach within its networks. A social engineering attack with an alleged Magellan Health client gave cyber criminals access to the health insurance servers.
The Affected Networks
It seems that no one was safe from this cyber attack. After several rounds of revised figures it is now clear that the cyber attackers probably got access to different data. The attack gained access to an internal server and revealed employee data. The malware then allowed the hackers to penetrate further into the systems and steal additional login data. At the time, nearly a dozen incidents had been reported and an estimated 1.7 million people were hacked.
The first point of entry was a very clever, but essentially simple, targeted cyber attack. Almost 90% of all data breaches can be traced back to social engineering, with the health industry being a target for cyber attackers. Once inside a network, a hacker can infiltrate the them. In the case of Magellan, the hackers gained access, skimmed employee information and then used ransomware to access login data. The attack was then launched on this basis. It was only then that the attack was revealed.
The healthcare sector is the focus of cyber and there is always a high risk of protection incidents. The ransomware proceeds are tempting for ambitious cyber attackers. Although some cybercriminals announced a truce with the healthcare sector during the pandemic, not all hackers appear to have received the question. And even if there is, this break is more likely to be the calm before the next storm.
After all, Magellan used the attack as a late wake-up call: The insurer has strengthened the security for the systems, environments and individual information. For many employees and customers, however, that comes a little too late. But the incident should serve as a reminder to the healthcare sector.