Cybersecurity Slip-up: Health Net’s $11M Oops with DoD Contract Compliance
Health Net Federal Services and Centene Corporation will pay $11 million to settle claims they lied about cybersecurity compliance while managing TRICARE for the Department of Defense. Allegedly, they skipped vulnerability scans like skipping leg day, and failed to patch security holes, making “cybersecurity” more of a suggestion than a requirement.
Hot Take:
**_Looks like Health Net Federal Services (HNFS) and Centene Corporation just got a crash course in cybersecurity compliance – to the tune of $11 million! Who knew pretending to be secure could be so expensive? It’s almost like they’re paying a hefty tuition fee for the School of Hard Knocks. But hey, at least no data got lost in the process… just a few million dollars._**
Key Points:
– HNFS and Centene Corporation settled for $11 million over false cybersecurity compliance claims.
– Allegedly, HNFS failed to meet cybersecurity requirements for the TRICARE program between 2015-2018.
– The issues included negligence in vulnerability scanning and ignoring third-party audit reports.
– HNFS allegedly submitted three false annual compliance certifications.
– Despite the settlement, neither HNFS nor Centene admitted to any liability, and no data was reportedly lost.