Healthcare giant Magellan Health hit by ransomware attack

Fortune 500 company Magellan Health Inc announced today that it was the victim of a ransomware attack on April 11, 2020, which led to the theft of personal information from one of its corporate servers.

Magellan Health is a for-profit managed health care and insurance firm that ranks 417 on the Fortune 500 list of the largest US corporations by total revenue. Magellan’s customers include health plans and other managed care organizations, labor unions, employers, military and governmental agencies, as well as third-party administrators.

On April 11, the Fortune 500 company discovered it had fallen victim to a ransomware attack. Hackers first gained access to the Magellan Health network five days earlier, through a social engineering phishing scheme that impersonated a Magellan client.

“A third-party expert assisted in the investigation, which found no evidence that the hackers actually accessed, viewed or attempted to use the information in the employee’s email account,” Magellan added.

“It also found no compromise or unauthorized intrusion into any other Company systems containing member personal information.”

Reference:

https://oag.ca.gov/system/files/Magellan%20-%20Sample%20Individual%20Notice.pdf