HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

111K Individuals Notified of 4-Month Email Account Compromise

Centerstone Insurance and Financial Services, operating as BenefitMall, has started notifying more than 111,000 individuals that some of their protected health information has been exposed, and potentially stolen, in a recent email security incident.

Dallas, TX-based BenefitMall is a provider of employee benefits, payroll, HR, and employer services and employs more than 20,000 advisors, brokers, and CPAs across the country. The company is a business associate of several HIPAA-covered entities.

On October 11, 2018, the company became aware that email accounts used by its employees had been accessed by an unauthorized individual. A third-party computer forensics firm was retained and an internal investigation was conducted to assess the nature and scope of the breach.

The investigation revealed the first email accounts had been compromised in June 2018 and further email accounts were breached and accessed up to October 11 when the attack was detected. Prompt action was taken to secure the compromised email accounts and prevent further remote email account access. The email accounts were compromised as a result of employees falling for phishing scams.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

The email accounts were compromised as a result of employees falling for phishing scams. Click To Tweet

An analysis of the compromised email accounts revealed many emails in those accounts contained the personal information of individuals related to the services provided. The information exposed and potentially stolen was limited to names, addresses, social security numbers, dates of birth, bank account numbers, and information relating to payment of insurance premiums.

The security breach has prompted BenefitMall to review its email security controls, which have now been augmented to provide greater protection against phishing attacks. Two-factor authentication has now been implemented on its email system and employees have been provided with further training to improve awareness of phishing scams and how to guard against them. Further security awareness and phishing training will be provided to employees on an ongoing basis.

The security breach has been reported to law enforcement and BenefitMall will continue to assist with their investigation and will work closely with the insurance providers whose members were affected by the breach. The Department of Health and Human Services’ Office for Civil Rights (OCR) has been notified. The breach report submitted to OCR indicates 111,589 individuals have been affected by the breach.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.