ÿÈÕ´óÈü¹ÙÍø

ÿÈÕ´óÈü¹ÙÍø
MyChart Log in
Bill Pay
Give
Price Transparency
ÿÈÕ´óÈü¹ÙÍø
Patients & Visitors
Locations
Services
Volunteer
Careers & Education
Contact
(607) 737-4100
August 12th, 2020, 4:00 PM

MEDIA ADVISORY: MAGELLAN ISSUES NOTICE TO CONSUMERS AFFECTED BY DATA SECURITY INCIDENT

For Immediate Release

From: Ken Roberts, System Director of Marketing, Communications & Community Relations
607-795-8105 (office) /203-305-5430 (mobile); kroberts@arnothealth.org
Date: Wednesday, August 12, 2020

ELMIRA, NY (August 12, 2020) – Note: While ÿÈÕ´óÈü¹ÙÍø itself has not experienced a data security incident, and none of its systems were compromised, ÿÈÕ´óÈü¹ÙÍø was a "covered entity" in a recent data breach experienced by Magellan Health. Therefore, as a covered entity, ÿÈÕ´óÈü¹ÙÍø is issuing this media advisory to notify media outlets serving its service area of the data security incident, as required by the Code of Federal Regulations (Title 45, Public Welfare). The nature of ÿÈÕ´óÈü¹ÙÍø's covered entity relationship with Magellan Health and the actions Magellan is taking are summarized below:

ÿÈÕ´óÈü¹ÙÍø was a "covered entity" in the data security incident experienced by Magellan Health by virtue of its group health plan's indirect relationship with Magellan, which contracted with ÿÈÕ´óÈü¹ÙÍø's former health insurance plan administrator, ELMCO. Specifically, Magellan had provided pharmacy benefit administration services to ELMCO for ÿÈÕ´óÈü¹ÙÍø's self-insured employee health plan through December 2017. A total of approximately 1,150 ÿÈÕ´óÈü¹ÙÍø employees' and family member' accounts may have been compromised in the Magellan Health data security incident.

A synopsis of Magellan's notification to consumers of the data security incident follows:

Magellan Health, Inc. and its subsidiaries and affiliates ("Magellan") recently discovered a ransomware attack. They are providing notice of this incident, along with background information of the incident and steps that those affected can take. Magellan has a number of ÿÈÕ´óÈü¹ÙÍø employee and family members' personal information based on the services it provided to ELMCO, the former health insurance plan administrator for ÿÈÕ´óÈü¹ÙÍø.

Immediately after discovering the incident, Magellan retained a leading cybersecurity forensics firm, Mandiant, to help conduct a thorough investigation of the incident. The investigation revealed that the incident may have affected some of its customer's members' personal information. Magellan has no evidence that any personal data has been misused.
The personal information included names and one or more of the following: treatment information, health insurance account information, member ID, other health-related information, e-mail addresses, phone numbers, and physical addresses. No financial information was compromised.

Magellan immediately reported the incident to, and is working closely with, law enforcement including the FBI. To help prevent a similar incident from occurring in the future, Magellan has implemented additional security protocols designed to protect our network, email environment, systems, and personal information.

Consumers interested in learning more about ways to protect themselves or determine if their health plan or employer was affected can call 888-451-6558 or visit https://www.magellanhealth.com/news/security-incident/. Media Contact: Lilly Ackley, ackleyl@magellanhealth.com, (860) 507-1983.

###

Return to all News & Releases

Social Media Guidelines
Privacy
Corporate Compliance
Price Transparency
Non-Discrimination Policy
MyChart Patient Portal Log in
Sponsorship & Event Support Requests
2026 © ÿÈÕ´óÈü¹ÙÍø
×
(607) 737-4100
Patient Portal Login
Find a Service/Provider
Locations
Services
For Patients
For Professionals
ÿÈÕ´óÈü¹ÙÍø
Events
News
Careers
Give
Contact
Bill Pay
×