Patient data at McLaren Health Plan compromised by successful phishing attack

Exploit: Phishing scam
McLaren Health Plan: Health maintenance organization

high-risk-meter

Risk to Small Business: 1.666 = Severe: A successful phishing attack on one of the company’s third-party vendors compromised patient data at McLaren Health Plan. The hackers used a compromised email account to send spam emails, putting patient data at risk. The exposure will inevitably lead to reputational damage, and the sensitive nature of the information breached will invite scrutiny from healthcare regulators along with the prospect of financial penalties.

Meter

Individual Risk: 2.571 = Moderate: The breach exposed patients’ personally identifiable information, including names, dates of birth, identification numbers, health plan information, providers, diagnosis, drug information, and authorization information. Notably, this information has been available since October, so those impacted by the breach should quickly examine their accounts for unusual activity and take precautions to ensure that their personal information remains secure.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Third-party partnerships represent an opportunity to expand your company’s capabilities but can also manifest themselves as cybersecurity risks. Given the increasingly onerous consequences of a data breach, cybersecurity standards should be top consideration when establishing such relationships. Better product or service offerings can be a boon, but not if they come at the expense of data security.

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


3 Essential Types Of Cyber Security Your Business Must HaveCLICK HERE!
+ +