According to sources, Highmark Health (a Medical organization in Pennsylvania) was hit with a cyber attack. It was first reported on 2023-02-05.
Source 1 | 2023-02-05
“Letters have not gone out yet and will not be going out in the mail until February 13, but Highmark Health will be notifying 300,000 patients of a data security breach that occurred on December 13, 2022, after an employee clicked on a link that they should not have clicked on. The breach was discovered on December 15, 2022. “
“According to Highmark’s notification letter, seen by DataBreaches, the emails in the employee’s compromised email account may have included various protected health information elements: name, social security number, and enrollment information such as the individual’s group name, identification number, claims or treatment information such as claim numbers, dates of service, procedures, and prescription information. as well as in some cases, financial information, address, phone number, and email address. “
“Not all individuals had all elements and there are two forms of the letter going out: one to those whose social security number was involved, and one to those who did not have their social security number involved. “
“The notification letters, copies of which were provided to the Maine Attorney General’s Office, do not explain why the employee had so many emails in their account that 300,000 people have to be notified. “
Cybersecurity for Critical Infrastructure
SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.
