Cyber-cons recently targeted another health target. ‘Managed Health Services of Indiana Health Plan’ in recent times went public regarding the third-party data breach they had gotten imperiled by, which exposed 31,000 patients’ personal details out in the open.
This breach was the result of one of the two security incidents that the institution had to face.
There are two major healthcare programs, namely, ‘Indiana’s Hoosier Healthwise’, and ‘Hooseir Care Connect Medicaid’ which this organization runs.
The MHS were informed about the breach by one of its vendors. The information was regarding someone having illegitimately gained access to their employees’ email accounts.
Disconcertingly, according to the reports, the unauthorized accessed had occurred between the month of July and September, last year.
During the investigation initiated by the MHS, it was found out that patients’ personal data including their names, insurance ID numbers, dates of birth, dates of services provided and their addresses were all potentially out in the open.
As the investigation unfolded, it was discovered that the incident was caused due to a phishing attack on the vendor’s system.
Rapid steps were taken by the vendor to counter the attack by the aid of a computer forensic company.
Some of the information in the email accounts that were affected was laid out pretty bare to be accessed. The email accounts “hacked” were the main source of information.
The easiest trick to harvesting personal data is performing a phishing attack. The phishing attack anywhere in the entire chain could affect all the people involved.
As a result of the overall effect on the chain, 31,ooo people got affected and had their data exposed and out in the open.
Reportedly, this has been the 4th in the list of attacks made on the health plans, that too in the last month alone.
It gets evident after such an attack, that the health-care industry exceedingly requires better management and security cyber systems.
