CareFirst BlueCross BlueShield

CareFirst Administrators (CFA) suffered a data breach incident after it fell victim to a phishing scam that occurred at Conifer Revenue Cycle Solutions, a provider of revenue cycle management services to healthcare organizations.

An unauthorized party gained access to certain Microsoft Office 365-hosted business email accounts via a phishing scam. The incident affected almost 14,538 individuals.

The accounts included names, addresses, health insurance information, dates of birth, medical information, billing and claims information, and some Social Security numbers.

Conifer assured CFA that it has enhanced, and continues to enhance, its security controls and monitoring practices as appropriate to minimize the risk of any similar incident in the future.

Source: https://healthitsecurity.com/news/carefirst-administrators-impacted-by-phishing-scam-at-rcm-vendor

TPRM report: https://scoringcyber.rankiteo.com/company/carefirst-bluecross-blueshield

"id": "car2352251222",
"linkid": "carefirst-bluecross-blueshield",
"type": "Data Leak",
"date": "12/2022",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': '14,538',
                        'industry': 'Healthcare',
                        'name': 'CareFirst Administrators (CFA)',
                        'type': 'Healthcare Administration'}],
 'attack_vector': 'Phishing',
 'data_breach': {'number_of_records_exposed': '14,538',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Addresses',
                                              'Health Insurance Information',
                                              'Dates of Birth',
                                              'Medical Information',
                                              'Billing and Claims Information',
                                              'Social Security Numbers']},
 'description': 'CareFirst Administrators (CFA) suffered a data breach '
                'incident after it fell victim to a phishing scam that '
                'occurred at Conifer Revenue Cycle Solutions, a provider of '
                'revenue cycle management services to healthcare '
                'organizations. An unauthorized party had gained access to '
                'certain Microsoft Office 365-hosted business email accounts '
                'via a phishing scam that affected almost 14,538 individuals. '
                'The account included names, addresses, health insurance '
                'information, dates of birth, medical information, and billing '
                'and claims information and Some Social Security numbers.',
 'impact': {'data_compromised': ['Names',
                                 'Addresses',
                                 'Health Insurance Information',
                                 'Dates of Birth',
                                 'Medical Information',
                                 'Billing and Claims Information',
                                 'Social Security Numbers'],
            'systems_affected': 'Microsoft Office 365-hosted business email '
                                'accounts'},
 'initial_access_broker': {'entry_point': 'Phishing Email'},
 'motivation': 'Unspecified',
 'post_incident_analysis': {'root_causes': 'Phishing Scam'},
 'threat_actor': 'Unauthorized Party',
 'title': 'CareFirst Administrators Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Social Engineering'}