Highmark says data of 300,000 members breached

Health care giant Highmark Inc. said the data of about 300,000 of its members was compromised in a recent email scheme.

The incident was discovered Dec. 15, Highmark said Friday.

The breach occurred between Dec. 13 and Dec. 15 when “an employee was sent a malicious phishing email link that led to their email account being compromised and a threat actor obtained access to files that may have contained the protected health information of Highmark members,” the company said.

Highmark said its response teams contained the mailbox, removed the malicious email from all domain users and implemented preventive and monitoring controls.

“We also engaged a third-party digital forensics firm to determine the full extent of the breach,” the Pittsburgh-based health system and insurance company said.

Those whose information may have been compromised are being notified by mail this week.

Highmark said it has not discovered any evidence to date that data potentially accessed because of this incident has been used fraudulently.

Information involved in the breach includes enrollment information such as group name, identification number claims; treatment information such as claim numbers, dates of service, procedures, prescription information; dates of birth; driver’s license number; passport number; as well as some Social Security numbers and financial information.

The company said it plans to bolster employee training on phishing email threats.

Highmark members with questions can call 800-459-4092 Mondays through Fridays.