Humana disclosed a third-party data breach by Choice Health that impacted 22,767 patients. Humana is the third-largest health insurance provider in the nation. Choice Health sells Medicare products on Humana’s behalf.
The company has confirmed that a Choice Health database was exposed to the internet due to a security misconfiguration caused by a third-party service provider. The attackers accessed the database and obtained certain files on May 7, including names, Social Security numbers, dates of birth, addresses, health insurance information, contact information, and Medicare beneficiary identification numbers.
Humana also experienced a third-party breach last year, when PracticeMax, a provider of billing and IT solutions for the company, suffered a ransomware attack and data of 4,244 patients was taken.
Since the start of the COVID-19 pandemic, threat actors have ramped up their attacks on healthcare institutions and providers. Most security solutions are focused on monitoring healthcare systems and devices for compromise. While there are vendors that specialize in healthcare providers, this requires a whole set of dedicated resources and is yet another security technology to learn and manage, which further burdens IT and security budgets and resources. It is critical for security teams to be able to monitor applications such as Epic, or even interpret proprietary healthcare software apps and databases out of the box, and to combine an understanding of identity and access privileges with analysis of this data for behavioral anomalies alongside traditional network and device monitoring. However, the key is to reduce the number of alerts and false positives through advanced analytics and machine learning-driven automation, while also consolidating various security capabilities into a single console to make it easier to piece together the true scope of the attack. This is the best way to prevent data loss and/or a ransomware attack.
A lack of control on the part of the corporate security team, along with growing dependence on public cloud and SaaS, has increased the risk of supply chain attacks from third-party partner or vendor connections. Even most zero trust strategies stop at the network and cannot protect against sophisticated threat actors who are able to identify vulnerabilities within weaker suppliers and exploit those to penetrate critical infrastructure and healthcare organizations with access to rich PII.
IT organizations need to implement enhanced next-generation VPN and ZTNA capabilities across sensitive third-party connections and potentially dirty or leaky networks to safeguard sensitive corporate users and data from modern and emerging threat actors.