GHP notifies its members of potential vendor email breach
DANVILLE – Geisinger Health Plan has notified certain members that some protected health information may have been affected by a security incident at Magellan National Imaging Associates, a vendor hired by the health plan to manage radiology benefits.
Geisinger no longer uses Magellan NIA for radiology benefits.
On July 5, Magellan discovered that the email account of one of its employees had been sending out large volumes of unsolicited commercial email. An immediate investigation revealed that several unauthorized mailbox authentications and connections originating from outside the United States had been occurring on this employee’s email account since May 28.
It is believed that the unknown individuals were able to obtain the employee’s email log-in credentials through a phishing attack or other fraudulent means. Geisinger was alerted to the issue on Sept. 24.
Magellan believes that the intruder was attempting to access the account solely to send out the spam emails and had no intention of retrieving or viewing member data. However, Geisinger is treating this incident as a breach because it could not be definitively determined whether any emails were accessed, viewed or downloaded.
Magellan has informed Geisinger that it has taken steps to further secure all employee email accounts by disabling certain email protocols on all mailbox accounts, establishing relevant geofencing and implementing Microsoft’s Password Hash Sync as well as other similar measures. Magellan also determined that none of its other systems experienced any unauthorized access aside from the impacted email accounts.
Magellan provided a list of impacted members on Oct. 3 and sent letters to notify them of the potential breach on Oct. 18. The data that may have been exposed could have included their name, patient/client ID, type of service, authorization ID and diagnosis.
“Geisinger is committed to protecting the privacy of our members,” Geisinger Chief Privacy Officer John Signorino said. “We worked closely with Magellan to make sure all affected members were identified and properly notified. Although all evidence points to the fact that the intruders only intended to issue spam emails, in an abundance of caution we are offering all of our affected members complimentary credit monitoring and encourage them to sign up by following the instructions in the letters they received.”
For additional information, contact Geisinger’s customer care team toll-free at (800) 686-4613, 8 a.m. to 6 p.m. Monday through Friday, and 8 a.m. to 2 p.m. Saturday.