Email Phishing Attack Compromises Data in Reliable Respiratory

Reliable Respiratory discovered unusual activity in the email account of an employee in early July, which is presumed to have allowed the hackers access the protected health information of patients. The number of patients' information that was compromised is yet to be revealed. This Reliable Respiratory is in Norwood, Massachusetts.

The respiratory care provider identified unusual activity in one of the employee's email account on 3 July, 2018, and found that a phishing campaign had compromised the credentials of that employee. Soon after, forensic specialists were engaged by Reliable Respiratory for determining the scope and nature of the incident. The analysis found that the hackers gained access in the email account of the employee between 28 June, 2018, and 2 July, 2018.

Protected health information of at least 15 types might have been affected. This includes name, financial or bank account information, treatment information, diagnosis, prescription or medication information, state identification number or driver's license, patient billing or claim information, Social Security number, date of birth, username and password, debit or credit card information, health insurance information, passport number, and medical record number.

Reliable Respiratory is sending notifications to the undisclosed number of affected individuals regarding compromised health information.

As per a news release, the clinic said that "while Reliable has security measures in place to protect information in its care, it is also taking steps to implement additional safeguards and review its policies and procedures to protect the security of information on its systems".

A press release regarding this phishing incident has not mentioned that whether the company is going to extend its services, like identity theft and credit monitoring, to the affected individuals. As of now, the affected individuals were told to be vigilant against the identity theft, monitor credit reports, review account statements and have free credit reports of all the important credit reporting bureaus.

Reliable Respiratory further advised that "potentially impacted individuals may also find information regarding identity theft, fraud alerts, security freezes, and the steps they may take to protect their information by contacting the credit bureaus, the Federal Trade Commission or their state attorney general".

» SPAMfighter News - 9/13/2018