Monday, January 21, 2019

United States- Managed Health Services of Indiana

United States- Managed Health Services of Indianahttps://www.infosecurity-magazine.com/news/third-party-breach-exposed-31k/
Exploit: Third-party breach via employee email phishing attack.Managed Health Services (MHS) of Indiana: Healthcare group that manages Indiana's Hoosier Healthwise andHoosier Care Connect Medicaid programs.
extreme gaugeRisk to Small Business: 1.333 = Extreme:   When vulnerabilities of this magnitude are exposed within a third-party provider’s environment, the finger-pointing begins immediately. LCP Transportation, the vendor for MHS that disclosed the breach, will surface in news headlines and must answer to many other concerned clients as well. Although there is no evidence that any of the information was misused, experts are already calling for better cyber-risk management solutions to protect the healthcare industry.
correct severe gauge                                                   Individual Risk: 2.142 = Severe: When vulnerabilities of this magnitude are exposed within a third-party provider’s environment, the finger-pointing begins immediately. LCP Transportation, the vendor for MHS that disclosed the breach, will surface in news headlines and must answer to many other concerned clients as well. Although there is no evidence that any of the information was misused, experts are already calling for better cyber-risk management solutions to protect the healthcare industry.
Customers Impacted: Up to 31,000 patients.
How it Could Affect Your Customers’ Business:  In light of multiple reports of data breaches at Humana and the Blue Cross Blue Shield network of Michigan this year alone, it is clear that the healthcare industry is in the crosshairs of cybercriminals. Other organizations should take notice, protecting sensitive health data and putting systems in place to avoid being breached. Also, this example of third-party breach serves as a great reminder for businesses to thoroughly evaluate vendors and ensure that updated security systems are in place.ID Agent to the Rescue: SpotLight ID™ by ID Agent can help proactively monitor stolen employee and customer data, mitigating losses from this breach type. Learn more at: https://www.idagent.com/dark-web/.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


No comments:

Post a Comment

What We’re Listening to: