Kentucky Employee Health Plan breached, exposing 2,700 members’ personal data

Kentucky Employee Health Plan breached, exposing 2,700 members’ personal data

https://www.govtech.com/security/Two-Data-Breaches-Hit-Kentucky-Employees-Health-Plan.html

Exploit: unauthorized database access
Kentucky Employee Health Plan: health insurance provider

Feature-Img-Blog-Arnet-Breach-Report
Risk to Small Business: 1.462 = Severe Two data breaches compromised plan members’ personal data and enabled bad actors to steal more than $100,000 in gift cards. Hackers used valid login information to access the system in the first breach and were able to compound the damage of that breach in a second breach. The second breach accessed member programs to redeem reward points for gift cards. The two breaches created scrutiny and drew calls for further investigation as to whether the “bad actors” were from outside the office or if insider threats were the root cause.
gear
Individual Risk: 2.703 = Moderate Hackers accessed users’ account portals containing their screening and health assessment data. Although this attack appears to be financially motivated, healthcare-related data often makes its way to the Dark Web, where it can be used to execute additional fraud attempts. Those impacted by the breach should immediately update their account passwords while monitoring their accounts for suspicious activity.

Customers Impacted: 2,700
How it Could Affect Your Customers’ Business: whatever the results of this investigation show, it raises the question of insider threats. Whether staffers are accidentally or deliberately giving information and passwords to bad actors, insider threats have to be a top concern for every business

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


Learn How To Optimize Your Office Productivity Tools With Our Latest eBookCLICK HERE!
+ +