NationsBenefits Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In January 2023, NationsBenefits, a provider of supplemental benefits and member engagement solutions, experienced a significant data breach. The breach involved unauthorized access to sensitive information of health plan members. The incident became public in April 2023, when the company began notifying impacted individuals.
How many accounts were compromised?
The breach impacted data related to over 3 million individuals.
What data was leaked?
The data exposed in the breach included names, addresses, telephone numbers, dates of birth, health plan subscriber identification numbers, Social Security numbers, and/or Medicare numbers.
How was NationsBenefits hacked?
The cybercriminals behind the NationsBenefits data breach, identified as the Clop ransomware group, exploited vulnerabilities in Fortra's GoAnywhere MFT file transfer solution to gain unauthorized access to sensitive information. In response, NationsBenefits permanently took its MFT servers offline and transitioned to an alternative file transfer solution, effectively closing the entry points used by the attackers. Further details about the specific vulnerabilities exploited and the exact timeline of the breach remain unclear.
NationsBenefits's solution
In response to the hack, NationsBenefits took several measures to secure its platform and prevent future incidents. This included conducting an internal investigation to confirm that the threat actor did not move laterally to other systems or applications. NationsBenefits also strengthened its security measures and transitioned to an alternative file transfer solution that does not rely on Fortra software. The company began notifying impacted individuals in April 2023, but it remains unclear whether they encouraged affected customers to change their passwords as a precaution.
How do I know if I was affected?
NationsBenefits has not explicitly mentioned reaching out to affected users. If you are a NationsBenefits customer and have not received a notification, you may visit Have I Been Pwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and any other important online accounts. Consider enabling this additional security feature to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions or changes to the appropriate parties.
For more specific help and instructions related to the NationsBenefits data breach, please contact NationsBenefits support directly.
Where can I go to learn more?
If you want to find more information on the NationsBenefits data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
NationsBenefits Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In January 2023, NationsBenefits, a provider of supplemental benefits and member engagement solutions, experienced a significant data breach. The breach involved unauthorized access to sensitive information of health plan members. The incident became public in April 2023, when the company began notifying impacted individuals.
How many accounts were compromised?
The breach impacted data related to over 3 million individuals.
What data was leaked?
The data exposed in the breach included names, addresses, telephone numbers, dates of birth, health plan subscriber identification numbers, Social Security numbers, and/or Medicare numbers.
How was NationsBenefits hacked?
The cybercriminals behind the NationsBenefits data breach, identified as the Clop ransomware group, exploited vulnerabilities in Fortra's GoAnywhere MFT file transfer solution to gain unauthorized access to sensitive information. In response, NationsBenefits permanently took its MFT servers offline and transitioned to an alternative file transfer solution, effectively closing the entry points used by the attackers. Further details about the specific vulnerabilities exploited and the exact timeline of the breach remain unclear.
NationsBenefits's solution
In response to the hack, NationsBenefits took several measures to secure its platform and prevent future incidents. This included conducting an internal investigation to confirm that the threat actor did not move laterally to other systems or applications. NationsBenefits also strengthened its security measures and transitioned to an alternative file transfer solution that does not rely on Fortra software. The company began notifying impacted individuals in April 2023, but it remains unclear whether they encouraged affected customers to change their passwords as a precaution.
How do I know if I was affected?
NationsBenefits has not explicitly mentioned reaching out to affected users. If you are a NationsBenefits customer and have not received a notification, you may visit Have I Been Pwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and any other important online accounts. Consider enabling this additional security feature to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions or changes to the appropriate parties.
For more specific help and instructions related to the NationsBenefits data breach, please contact NationsBenefits support directly.
Where can I go to learn more?
If you want to find more information on the NationsBenefits data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
NationsBenefits Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In January 2023, NationsBenefits, a provider of supplemental benefits and member engagement solutions, experienced a significant data breach. The breach involved unauthorized access to sensitive information of health plan members. The incident became public in April 2023, when the company began notifying impacted individuals.
How many accounts were compromised?
The breach impacted data related to over 3 million individuals.
What data was leaked?
The data exposed in the breach included names, addresses, telephone numbers, dates of birth, health plan subscriber identification numbers, Social Security numbers, and/or Medicare numbers.
How was NationsBenefits hacked?
The cybercriminals behind the NationsBenefits data breach, identified as the Clop ransomware group, exploited vulnerabilities in Fortra's GoAnywhere MFT file transfer solution to gain unauthorized access to sensitive information. In response, NationsBenefits permanently took its MFT servers offline and transitioned to an alternative file transfer solution, effectively closing the entry points used by the attackers. Further details about the specific vulnerabilities exploited and the exact timeline of the breach remain unclear.
NationsBenefits's solution
In response to the hack, NationsBenefits took several measures to secure its platform and prevent future incidents. This included conducting an internal investigation to confirm that the threat actor did not move laterally to other systems or applications. NationsBenefits also strengthened its security measures and transitioned to an alternative file transfer solution that does not rely on Fortra software. The company began notifying impacted individuals in April 2023, but it remains unclear whether they encouraged affected customers to change their passwords as a precaution.
How do I know if I was affected?
NationsBenefits has not explicitly mentioned reaching out to affected users. If you are a NationsBenefits customer and have not received a notification, you may visit Have I Been Pwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and any other important online accounts. Consider enabling this additional security feature to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report any unauthorized transactions or changes to the appropriate parties.
For more specific help and instructions related to the NationsBenefits data breach, please contact NationsBenefits support directly.
Where can I go to learn more?
If you want to find more information on the NationsBenefits data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions