Highmark data breach affecting about 300,000 members exposed personal information to hackers

A Highmark data breach affecting about 300,000 members exposed personal information to hackers.

In a release, Highmark stated the information that may have been compromised includes names, enrollment information such as group name, identification number, claims or treatment information such as claim numbers, dates of service, procedures, prescription information, dates of birth, email addresses, phone numbers, driver’s license number, passport number, as well as in some cases social security numbers and financial information.

The company said they acted immediately when they realized the breach occurred.

According to Highmark, the breach occurred between Dec. 13 and Dec. 15, when an employee clicked on an email phishing link which allowed someone outside the company to gain access to files.

“I think some people might fear that they’re going to get in trouble or something like that, but really you have to notify right away,” said bit-x-bit, LLC President and Director of Digital Forensics Brett Creasy.

Channel 11 spoke to bit-x-bit, LLC. It’s a local digital forensics and cybersecurity company. President and Director of Digital Forensics Brett Creasy says when it comes to avoiding falling victim to a phishing attempt, it’s important to stop and think.

“There’s always these little tricks,” said Creasy. “You can hover your mouse over the sender and things like that to try to see if the actual address it’s coming from is what it displays as. There are little things like that, but really the key takeaway is to stop. Everyone is in a rush these days. Don’t take action immediately. Attackers are preying on the fact that everyone is in a rush and that they’re going to have a hurried response to something particularly when they try to make an e-mail seem urgent. Really the key takeaway is to just take a step back. Think about it for a second.”

Creasy says to take a second and ask yourself, am I expecting this email?

“If not, pick up the phone,” said Creasy. “Find some other means of contacting them to make sure that what they’re requesting you to do is in fact legitimate.”

Highmark found out about this recent data breach back in December. About 300,000 members are now impacted by it. 96,000 of those are in Pennsylvania.

At this time, the healthcare company says there’s been no evidence that any of the information that’s been accessed has been used fraudulently.

“The attackers who are doing these things are more sophisticated today than they were yesterday,” said Creasy. “It’s no longer the Nigerian prince from Africa trying to give you $10 million. It is targeted. They know your background. They research you on LinkedIn and the cues within the e-mails are getting better and better.”

Creasy says it could take days or months or years for a company to recover from a data breach.

“It can be devastating,” said Creasy. “It really depends on the level of access the employee may have had. Generally, that’s just the foothold. That’s the starting point for some of these attacks. It may lead to not so much a technical attack. It could be an engineering attack to get that person to do something that they’re not supposed to do. Maybe that person has access to wire money or the employee may have very specific information that the attacker is interested in. The after-the-fact investigation can be very wide and damaging or if you’re lucky it’s caught by your security team quickly and remediated quickly.

Highmark says they’ll notify people who have been impacted by this breach by mail. Members with questions about the breach can contact Highmark at 800-459-4092.