Summary: Health Net Federal Services (HNFS) and its parent company Centene Corporation have agreed to pay million to settle allegations of false compliance with federal cybersecurity requirements for Department of Defense contractors. The allegations state that HNFS failed to implement necessary cybersecurity controls and submitted false compliance certifications from 2015 to 2018. While acknowledging the settlement, both companies deny any wrongdoing and state that no data breach occurred.
Affected: Department of Defense contractor Health Net Federal Services (HNFS) and parent company Centene Corporation
Keypoints :
- HNFS was contracted to administer TRICARE for US military members and families.
- The company allegedly failed to implement cybersecurity controls and ignored auditor reports on vulnerabilities.
- Despite the settlement, both HNFS and Centene deny the allegations, claiming no data was lost.