Magellan Health Data Breach (2020)

Ransomware name and shame on healthcare company during pandemic. Magellan Health is warning customers that an April 11 ransomware attack may have affected their personal information. A Mandiant investigation determined an “unauthorized actor gained access to Magellan’s systems after sending a phishing email on April 6” impersonating one of the company’s clients, the company said in a notice from Magellan Senior Vice President and Chief Compliance Officer John J. DiBernardi. Before launching ransomware the third party “exfiltrated a subset of data” from one of Magellan’s corporate servers that contained customer PII, including names, addresses, employee ID numbers and W-2 or 1099 details such as Social Security numbers or Taxpayer ID numbers. “In limited instances, and only with respect to certain current employees, the unauthorized actor also used a piece of malware designed to steal login credentials and passwords.”