111K Individuals Notified of 4-Month Email Account Compromise

Share this article on:

Centerstone Insurance and Financial Services, operating as BenefitMall, has started notifying more than 111,000 individuals that some of their protected health information has been exposed, and potentially stolen, in a recent email security incident.

Dallas, TX-based BenefitMall is a provider of employee benefits, payroll, HR, and employer services and employs more than 20,000 advisors, brokers, and CPAs across the country. The company is a business associate of several HIPAA-covered entities.

On October 11, 2018, the company became aware that email accounts used by its employees had been accessed by an unauthorized individual. A third-party computer forensics firm was retained and an internal investigation was conducted to assess the nature and scope of the breach.

The investigation revealed the first email accounts had been compromised in June 2018 and further email accounts were breached and accessed up to October 11 when the attack was detected. Prompt action was taken to secure the compromised email accounts and prevent further remote email account access. The email accounts were compromised as a result of employees falling for phishing scams.

The email accounts were compromised as a result of employees falling for phishing scams. Click To Tweet

An analysis of the compromised email accounts revealed many emails in those accounts contained the personal information of individuals related to the services provided. The information exposed and potentially stolen was limited to names, addresses, social security numbers, dates of birth, bank account numbers, and information relating to payment of insurance premiums.

The security breach has prompted BenefitMall to review its email security controls, which have now been augmented to provide greater protection against phishing attacks. Two-factor authentication has now been implemented on its email system and employees have been provided with further training to improve awareness of phishing scams and how to guard against them. Further security awareness and phishing training will be provided to employees on an ongoing basis.

The security breach has been reported to law enforcement and BenefitMall will continue to assist with their investigation and will work closely with the insurance providers whose members were affected by the breach. The Department of Health and Human Services’ Office for Civil Rights (OCR) has been notified. The breach report submitted to OCR indicates 111,589 individuals have been affected by the breach.

Author: HIPAA Journal

Share This Post On