Over 1.2 Million Health Net Members Impacted by Cyberattack on Accellion

A number of healthcare companies have lately affirmed they were impacted by the Accellion cyberattack last December 2020. The attack was connected to the Clop ransomware gang since its leak website had published parts of the stolen data from the attack, though it seems that no ransomware was used.

Accellion used a file transfer solution for sending files that were too large to be transmitted through email. Health Net was the platform employed for exchanging files with healthcare companies and entities who assist its operations. According to Health Net, the attackers obtained names, addresses, birth dates, insurance ID numbers, and medical information. Accellion informed Health Net concerning the breach last January 25, 2021.

Health Net’s report shows that the breach affected 1,236,902 people: 686,556 persons from Health Net Community Solutions, 523,709 persons from Health Net of California, and 26,637 persons from Health Net Life Insurance Company.

California Health & Wellness lately reported that it was also affected by the Accellion cyberattack. The names, birth dates, addresses, insurance ID numbers, and medical data of 80,138 members were compromised.

Stanford University likewise recently affirmed being impacted by the attack. The PHI of Stanford Medicine patients was breached, though there was no confirmation yet regarding the types of data stolen and the number of people affected. Some of the stolen data were posted on the attacker’s leak website.

Earlier, the following organizations have confirmed being victims of the breach and had stolen sensitive information: University of Miami Health, Kroger, Centene, Arizona Complete Health and Trillium Community Health Plan.

There were multiple lawsuits already filed in association with the breach. Centene has filed a lawsuit against Accellion because of the breach. There is also a lawsuit filed on behalf of Kroger pharmacy patients who were affected by the breach.

The vulnerabilities exploited by the attackers have already been addressed. Accellion has announced that the FTA service is going to be terminated starting April 30, 2021, though support will continue until the expiration of all contracts. The majority of victims have claimed that they have stopped utilizing the Accellion FTA.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.