Centerstone Insurance and Financial Services, which conducts its business as BenefitMall, has begun alerting more than 111,000 individuals that some of their protected health information has been illegally accessed, and possibly stolen, in a recent email hacking incident.
Dallas, TX-based BenefitMall is a supplier of employee benefits, payroll, HR, and employer services and has a workforce of over 20,000 advisors, brokers, and CPAs across the country. The company is a business associate of a number of HIPAA-covered entities.
On October 11, 2018, the company was advised that access to email accounts used by its employees had been obtained by an unauthorized individual. A third-party computer forensics company was hired and an internal investigation was completed to review the nature and scope of the breach.
The investigation showed that the first email accounts had been compromised in June 2018 and that further email accounts were breached and logged into up until October 11, when the attack was discovered. Quick action was taken to safeguard the compromised email accounts and stop further remote email account access. The email accounts were hacked due to employees being tricked by phishing scams.
A review of the compromised email accounts indicated that many emails in those accounts contained the personal information of individuals related to the services supplied. The information exposed and possibly stolen was restricted to names, addresses, social security numbers, dates of birth, bank account numbers, and data relating to payment of insurance premiums.
The security breach has led to BenefitMall assessing its email security controls, which have now been amended to provide greater protection against phishing attacks. Two-factor authentication has now been added to its email system and staff have been provided with further training to improve awareness of phishing scams and how to prevent them. Additional security awareness and phishing training will be given to employees on an ongoing basis.
The security breach has been reported to law enforcement and BenefitMall will continue to assist with the investigations while working closely with the insurance providers whose members were impacted by the breach. The Department of Health and Human Services’ Office for Civil Rights (OCR) has been sent an official breach notification, which states that 111,589 individuals have been affected by the hacking attack.