Security News > 2020 > May > Healthcare Giant Magellan Struck with Ransomware, Data Breach

UPDATE. Magellan Health, the Fortune 500 insurance company, has reported a ransomware attack and a data breach.

"Once the incident was discovered, Magellan immediately retained a leading cybersecurity forensics firm, Mandiant, to help conduct a thorough investigation of the incident. The investigation revealed that prior to the launch of the ransomware, the unauthorized actor exfiltrated a subset of data from a single Magellan corporate server, which included some of your personal information."

The data breach portion of the proceedings only affected "Some" current employees, according to Magellan, with the data thieves making off with login credentials and passwords, as well as personal information such as names, addresses and employee ID numbers.

"As expected, the purported ceasefire on healthcare providers by ransomware operators has proven short-lived," said David Jemmett, CEO and founder, Cerberus Sentinel, via email.

"Rather than being rooted in any sort of altruism, the attackers were simply waiting for the optimum time to strike: With Magellan under immense strain as it attempted to meet the demands onset by the COVID-19 pandemic. Following the high-profile attack on Fresenius, this should act as another lesson to other healthcare providers and industries in the States and across the globe."

News URL

https://threatpost.com/healthcare-giant-magellan-ransomware-data-breach/155699/