{"id":108,"date":"2023-02-21T08:57:25","date_gmt":"2023-02-21T14:57:25","guid":{"rendered":"https:\/\/kentprotect.com\/?p=108"},"modified":"2023-03-06T09:55:52","modified_gmt":"2023-03-06T15:55:52","slug":"2022-2023-highmark-health-insurance-data-breach","status":"publish","type":"post","link":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/","title":{"rendered":"2022 Highmark Health Insurance Data Breach"},"content":{"rendered":"<div class='booster-block booster-read-block'><\/div>\n<p class=\"wp-block-paragraph\">(Photo credits: Webster, 2019)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>One-sentence summary: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">300,000 Highmark health insurance customers were breached in 2022 due to a successful phishing attempt. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Who was involved?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">300,00 Highmark health insurance customers, a threat actor, and Highmark Inc. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What was the timeline?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">December 13-15, 2022: Employee was phished and breach was active. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">December 15, 2022: The breach was discovered by Highmark. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">February 3, 2023: Breach was reported to the Office of the Maine Attorney General (Office of the Maine Attorney General, 2023a). <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">February 6, 2023: First press release was seen on Highmark&#8217;s website (Highmark, 2023).  <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">February 12, 2023: Customers were officially notified of the breach (Office of the Maine Attorney General, 2023b). <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What occurred?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A Highmark health insurance employee was successfully phished via a malicious URL, leading to initial access by a threat actor who began accessing PHI (Highmark, 2023, para. 2). Sensitive information, not limited to PHI, was successfully exfiltrated for over 300,000 members. On December 15, Highmark began their incident response and &#8220;quickly&#8221; began containing the affected user (Highmark, 2023, para. 3). Information leaked included &#8220;dates of service, procedures, prescription information, dates of birth, email addresses, phone numbers, driver\u2019s license number, passport number&#8221; and even &#8220;social security numbers and financial information&#8221; (Highmark, 2023, para. 5). <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Estimated costs:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Data breach notification costs (including 7 day\/week &#8220;dedicated call center&#8221;), identify theft monitoring for &#8220;24 months,&#8221; as well as &#8220;third-party digital forensics&#8221; costs (Highmark, 2023, paras. 3,7; Office of the Maine Attorney General, 2023a, para. 4). <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Involved laws: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">HIPAA and HITECH. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">State laws (Maine): 10 M.R.S.A. \u00a7 1346. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Root cause: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Phishing: employee was successfully phished via an emailed malicious URL. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Lessons learned: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">User awareness training is critical for any user with any public-facing access (e.g., email, phone, etc.). Mail gateways must also be employed and synchronized with threat intelligence sources to quickly detect and quarantine malicious links\/files and flag\/remove suspected phishing emails. Having a 24\/7 SOC to monitor inbound email traffic and potentially flag suspicious activity through the entire kill chain\/MITRE framework can also help quickly stop or contain incidents. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Example solutions: <\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em><br><\/em><strong>User Awareness: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Knowbe4 <a href=\"https:\/\/www.knowbe4.com\/products\/kevin-mitnick-security-awareness-training\/\">https:\/\/www.knowbe4.com\/products\/kevin-mitnick-security-awareness-training\/<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Proofpoint <a href=\"https:\/\/www.proofpoint.com\/us\/products\/security-awareness-training\">https:\/\/www.proofpoint.com\/us\/products\/security-awareness-training<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Email Gateway: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Barracuda <a href=\"https:\/\/www.barracuda.com\/products\/email-protection\/email-security-gateway\">https:\/\/www.barracuda.com\/products\/email-protection\/email-security-gateway<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Proofpoint <a href=\"https:\/\/www.proofpoint.com\/us\/threat-reference\/email-gateway\">https:\/\/www.proofpoint.com\/us\/threat-reference\/email-gateway<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>SOC: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CyberConvoy MDR (managed detection and response): <a href=\"https:\/\/cyberconvoy.com\/\">https:\/\/cyberconvoy.com\/<\/a><\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Sources: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Highmark. (2023, February 6). <em>Highmark notifies members about data breach<\/em>. highmark.com. Retrieved February 21, 2023, from https:\/\/www.highmark.com\/newsroom\/press-releases\/highmark-notifies-members-about-data-breach<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Office of the Maine Attorney General. (2023a, February 3). <em>Office of the Maine AG: Consumer Protection: Privacy, Identity Theft and Data Security Breaches<\/em>. maine.gov. Retrieved February 21, 2023, from https:\/\/apps.web.maine.gov\/online\/aeviewer\/ME\/40\/list.shtml<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Office of the Maine Attorney General. (2023b, February 3). <em>Office of the Maine AG: Consumer Protection: Privacy, Identity Theft and Data Security Breaches<\/em>. maine.gov. Retrieved February 21, 2023, from https:\/\/apps.web.maine.gov\/online\/aeviewer\/ME\/40\/67bb2ced-9a70-4248-b728-68a92a56c860.shtml<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Webster, T. (2019, June 11). <em>Highmark Place Skyscraper (Fifth Avenue Place Tower), Pittsburgh<\/em>. flickr.com. https:\/\/www.flickr.com\/photos\/diversey\/48069231343<\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Photo credits: Webster, 2019) One-sentence summary: 300,000 Highmark health insurance customers were breached in 2022 due to a<\/p>\n","protected":false},"author":4,"featured_media":110,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[68,3,12,13,76,63,75,61,11,10,77,78,74,14,66,64,25,69,71,100,99,72,70,8,27,73,98,6,102,67,62,65,101,15,79,80],"class_list":["post-108","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-breach-report","tag-been-pwned","tag-breach-report","tag-breaches","tag-ciso","tag-cloud","tag-computer-security","tag-cyber-security","tag-cybercrime","tag-cybersecurity","tag-dallas","tag-dark-web","tag-darkweb","tag-data-breach","tag-executive","tag-hack","tag-hacker","tag-hacking","tag-have-been-pwned","tag-have-i-pwned","tag-health-insurance","tag-highmark","tag-i-been-pwned","tag-i-have-been-pwned","tag-kent-protect","tag-kentprotect","tag-password","tag-pennsylvania","tag-phishing","tag-pittsburgh","tag-pwned","tag-security","tag-security-hacker","tag-social-engineering","tag-summary","tag-the-darkweb","tag-tor"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>2022 Highmark Health Insurance Data Breach - Kent Protect<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"2022 Highmark Health Insurance Data Breach - Kent Protect\" \/>\n<meta property=\"og:description\" content=\"(Photo credits: Webster, 2019) One-sentence summary: 300,000 Highmark health insurance customers were breached in 2022 due to a\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"Kent Protect\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-21T14:57:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-06T15:55:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/02\/48069231343_d7d583a32f_k.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"1366\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kyler Kent CISSP\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kyler Kent CISSP\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/\"},\"author\":{\"name\":\"Kyler Kent CISSP\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\"},\"headline\":\"2022 Highmark Health Insurance Data Breach\",\"datePublished\":\"2023-02-21T14:57:25+00:00\",\"dateModified\":\"2023-03-06T15:55:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/\"},\"wordCount\":489,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/48069231343_d7d583a32f_k.jpg\",\"keywords\":[\"been pwned\",\"breach report\",\"breaches\",\"ciso\",\"cloud\",\"computer security\",\"cyber security\",\"cybercrime\",\"cybersecurity\",\"dallas\",\"dark web\",\"darkweb\",\"data breach\",\"executive\",\"hack\",\"hacker\",\"hacking\",\"have been pwned\",\"have I pwned\",\"health insurance\",\"highmark\",\"I been pwned\",\"I have been pwned\",\"kent protect\",\"kentprotect\",\"password\",\"pennsylvania\",\"phishing\",\"pittsburgh\",\"pwned\",\"security\",\"security hacker\",\"social engineering\",\"summary\",\"the darkweb\",\"tor\"],\"articleSection\":[\"The Breach Report!\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/\",\"name\":\"2022 Highmark Health Insurance Data Breach - Kent Protect\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/48069231343_d7d583a32f_k.jpg\",\"datePublished\":\"2023-02-21T14:57:25+00:00\",\"dateModified\":\"2023-03-06T15:55:52+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#primaryimage\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/48069231343_d7d583a32f_k.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/48069231343_d7d583a32f_k.jpg\",\"width\":2048,\"height\":1366},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/02\\\/21\\\/2022-2023-highmark-health-insurance-data-breach\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/kentprotect.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"2022 Highmark Health Insurance Data Breach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"name\":\"Kent Protect\",\"description\":\"Starring the Breach Report! and other security and cybersecurity series\",\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/kentprotect.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\",\"name\":\"Kent Protect\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"width\":209,\"height\":161,\"caption\":\"Kent Protect\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\",\"name\":\"Kyler Kent CISSP\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"caption\":\"Kyler Kent CISSP\"},\"description\":\"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \\\"SOC Analyst Career Guide\\\" (ISBN-13: 9781835467466). https:\\\/\\\/linktr.ee\\\/kentprotect.com Corrections: corrections@kentprotect.com\",\"sameAs\":[\"http:\\\/\\\/kylerkent.com\"],\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/author\\\/kylerkent\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"2022 Highmark Health Insurance Data Breach - Kent Protect","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/","og_locale":"en_US","og_type":"article","og_title":"2022 Highmark Health Insurance Data Breach - Kent Protect","og_description":"(Photo credits: Webster, 2019) One-sentence summary: 300,000 Highmark health insurance customers were breached in 2022 due to a","og_url":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/","og_site_name":"Kent Protect","article_published_time":"2023-02-21T14:57:25+00:00","article_modified_time":"2023-03-06T15:55:52+00:00","og_image":[{"width":2048,"height":1366,"url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/02\/48069231343_d7d583a32f_k.jpg","type":"image\/jpeg"}],"author":"Kyler Kent CISSP","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kyler Kent CISSP"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#article","isPartOf":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/"},"author":{"name":"Kyler Kent CISSP","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116"},"headline":"2022 Highmark Health Insurance Data Breach","datePublished":"2023-02-21T14:57:25+00:00","dateModified":"2023-03-06T15:55:52+00:00","mainEntityOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/"},"wordCount":489,"commentCount":0,"publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/02\/48069231343_d7d583a32f_k.jpg","keywords":["been pwned","breach report","breaches","ciso","cloud","computer security","cyber security","cybercrime","cybersecurity","dallas","dark web","darkweb","data breach","executive","hack","hacker","hacking","have been pwned","have I pwned","health insurance","highmark","I been pwned","I have been pwned","kent protect","kentprotect","password","pennsylvania","phishing","pittsburgh","pwned","security","security hacker","social engineering","summary","the darkweb","tor"],"articleSection":["The Breach Report!"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/","url":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/","name":"2022 Highmark Health Insurance Data Breach - Kent Protect","isPartOf":{"@id":"https:\/\/kentprotect.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#primaryimage"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/02\/48069231343_d7d583a32f_k.jpg","datePublished":"2023-02-21T14:57:25+00:00","dateModified":"2023-03-06T15:55:52+00:00","breadcrumb":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#primaryimage","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/02\/48069231343_d7d583a32f_k.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/02\/48069231343_d7d583a32f_k.jpg","width":2048,"height":1366},{"@type":"BreadcrumbList","@id":"https:\/\/kentprotect.com\/index.php\/2023\/02\/21\/2022-2023-highmark-health-insurance-data-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/kentprotect.com\/"},{"@type":"ListItem","position":2,"name":"2022 Highmark Health Insurance Data Breach"}]},{"@type":"WebSite","@id":"https:\/\/kentprotect.com\/#website","url":"https:\/\/kentprotect.com\/","name":"Kent Protect","description":"Starring the Breach Report! and other security and cybersecurity series","publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kentprotect.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kentprotect.com\/#organization","name":"Kent Protect","url":"https:\/\/kentprotect.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","width":209,"height":161,"caption":"Kent Protect"},"image":{"@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116","name":"Kyler Kent CISSP","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","caption":"Kyler Kent CISSP"},"description":"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \"SOC Analyst Career Guide\" (ISBN-13: 9781835467466). https:\/\/linktr.ee\/kentprotect.com Corrections: corrections@kentprotect.com","sameAs":["http:\/\/kylerkent.com"],"url":"https:\/\/kentprotect.com\/index.php\/author\/kylerkent\/"}]}},"_links":{"self":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/108","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/comments?post=108"}],"version-history":[{"count":5,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/108\/revisions"}],"predecessor-version":[{"id":122,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/108\/revisions\/122"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media\/110"}],"wp:attachment":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media?parent=108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/categories?post=108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/tags?post=108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}