Cyber Incident Victim: Select Health Network

Select Health Network, a provider network serving health plans and healthcare providers, experienced a security incident involving unauthorized access to an employee email account between May 22, 2019, and June 13, 2019. The organization detected unusual activity in the account and immediately secured it upon discovery, though the exact date of initial detection was not disclosed. Select Health engaged third-party forensic experts to investigate the incident's nature and scope. The investigation confirmed the unauthorized access period but could not definitively determine whether specific emails or attachments were viewed or exfiltrated by the threat actor. Between June and October 2019, Select Health conducted a comprehensive review of all information stored in the compromised email account during the incident timeframe to identify potentially affected individuals.

On October 1, 2019, Select Health received the audit results from third-party experts and initiated a review to verify identities and contact information for impacted parties. Notification processes began on November 1, 2019, involving mailed letters to affected individuals, business partners, and a public notice on Select Health's website. The compromised email account contained sensitive personal and health information including names, addresses, dates of birth, member ID numbers, physician details, health insurance policy numbers, medical history, treatment details, and medical record numbers. Social Security numbers were exposed for a limited subset of individuals. No financial account information was affected, and Select Health stated no evidence existed of actual or attempted misuse of the accessed data. The organization established dedicated toll-free assistance lines for members and providers, updated internal security processes, and committed to ongoing collaboration with third-party experts to enhance system protections.