CareFirst Administrators (CFA) suffered a data breach incident after it fell victim to a phishing scam that occurred at Conifer Revenue Cycle Solutions, a provider of revenue cycle management services to healthcare organizations.
An unauthorized party had gained access to certain Microsoft Office 365-hosted business email accounts via a phishing scam that affected almost 14,538 individuals.
The account included names, addresses, health insurance information, dates of birth, medical information, and billing and claims information and Some Social Security numbers.
Conifer assured CFA that it has and continues to enhance its security controls and monitoring practices as appropriate to minimize the risk of any similar incident in the future
Source: https://healthitsecurity.com/news/carefirst-administrators-impacted-by-phishing-scam-at-rcm-vendor
"id": "CAR2352251222",
"linkid": "carefirst-bluecross-blueshield",
"type": "Data Leak",
"date": "12/2022",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"