Health Net and Centene Penalized $11 Million for Cybersecurity Breaches

Published:

spot_img

Health Net Federal Services Settles Cybersecurity Compliance Allegations for Over $11 Million

Health Net Federal Services to Pay Over $11 Million for Cybersecurity Violations

In a significant settlement, Health Net Federal Services, LLC (HNFS) and its parent company, Centene Corporation, have agreed to pay $11.25 million to resolve allegations of falsely certifying compliance with cybersecurity requirements under a contract with the U.S. Department of Defense (DoD). This case underscores the increasing scrutiny on cybersecurity practices among government contractors, particularly those handling sensitive information.

Based in Rancho Cordova, California, HNFS was responsible for administering the Defense Health Agency’s (DHA) TRICARE health benefits program, which provides essential medical services to U.S. servicemembers and their families. The U.S. Department of Justice (DOJ) accused HNFS of failing to meet required cybersecurity standards between 2015 and 2018, including neglecting to scan for known vulnerabilities and address security flaws in a timely manner.

Acting Assistant Attorney General Brett A. Shumate emphasized the critical nature of cybersecurity compliance, stating, “Companies that hold sensitive government information must meet their contractual obligations to protect it.” The DOJ’s findings revealed multiple failures, including inadequate access controls, poor patch management, and the use of outdated technology, all of which heightened the risk of unauthorized access to sensitive data.

The settlement serves as a stark reminder to federal contractors about the importance of adhering to cybersecurity regulations. As cyber threats evolve, government agencies are ramping up enforcement measures to ensure that companies entrusted with sensitive data prioritize robust security practices.

With this settlement, HNFS and Centene Corporation are not only addressing past compliance failures but also reinforcing the message that cybersecurity is a non-negotiable aspect of government contracting. As regulatory oversight intensifies, companies must strengthen their cybersecurity frameworks to safeguard sensitive information against emerging threats.

spot_img

Related articles

Recent articles

Hackers Expose 19,000 Files, Including Nuclear Blueprints, from India’s Largest Plant on Dark Web

Hackers Expose 19,000 Files, Including Nuclear Blueprints, from India's Largest Plant on Dark Web A significant cybersecurity breach has emerged involving the Kudankulam Nuclear Power...

Australia-India PACTS Advances Cybersecurity and Technology Cooperation

Australia-India PACTS Advances cybersecurity and Technology Cooperation Australia and India have launched the Australia-India Partnership on Cyber, Critical Technologies, and Supply Chains (PACTS), a strategic...

Microsoft’s July Patch Tuesday Unveils Critical Exploits Amidst 622 Vulnerabilities

Microsoft's July Patch Tuesday Unveils Critical Exploits Amidst 622 Vulnerabilities Microsoft's recent Patch Tuesday has revealed significant vulnerabilities, with two of them already being exploited...

Enshi Suobuya Stone Forest Boosts Cultural Experiences for Southeast Asian Tourists

Enshi Suobuya Stone Forest Boosts Cultural Experiences for Southeast Asian Tourists ENSHI, CHINA - As China continues to refine its inbound visa-free policies, the Suobuya...