Healthcare giant Magellan Health hit by ransomware attack
Fortune 500 company Magellan Health Inc announced today that it was the victim of a ransomware attack on April 11, 2020, which led to the theft of personal information from one of its corporate servers.
Here is the notification letter sent to its customers: https://assets.documentcloud.org/documents/6889299/Magellan-Sample-Individual-Notice.pdf
Colin Bastable, CEO of security awareness training company Lucy Security, commented:
“Phishing emails are used in over 92% of all data breaches, and healthcare is the number one target for hackers. Ransomware attacks are incredibly disruptive and expensive to mitigate, and with so many staff working remotely all organizations are highly vulnerable. Mandiant is a highly regarded company, so Magellan Health has reacted positively. One wonders if tokenization might have been effective in preventing the hackers from stealing viable data. Today, everyone who has not been hacked should thank their lucky stars and train their employees to spot and report phishing emails. Up to 30% of untrained employees will fall for such a phishing email. Security awareness training identifies those people and delivers a 10-fold reduction in the success rate of social engineered attacks.”