Posing As A Customer To Hack The System
Magellan Health, based in Arizona, reported an infiltration of their systems they discovered on April 11th. The hack happened 5 days earlier when a socially engineered phishing attempt impersonated a Magellan client. Magellan is using a third party cybersecurity forensics firm to assist in the investigation.
The hackers first copied and stole sensitive and personal employee data before launching a ransomware attack. This style of attack, sitting quietly in the victim’s network while stealing data before ultimately launching a ransomware attack, is increasing in prevalence. Magellan is working with law officials, including the FBI, on the investigation.
In the meantime, Magellan is notifying employees of the theft of their personal information. They’ve also increased and changed their security protocols to avoid another potential future infiltration.
