Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

2,143 Patients were impacted by the Phishing Attack on United Hospital District


United Hospital District - that is located in the Blue Earth City of Minnesota - has discovered that patient information have been exposed and then potentially been accessed by an unknown and unauthorized individual due to the phishing attack in the month of June 2018.

Many other healthcare entities have also reported recently to the federal regulators about data breaches that involves apparent phishing as well as other email-related attacks. "All of these incidents speak to the rampant attacks we are seeing across healthcare, and yet organizations are still not investing enough in protection or detection," says CEO of CynergisTek, Mac McMillan. CynergisTek is a security consulting firm.

The phishing attack in United Hospital District of Minnesota resulted in compromise of one email account. The attacker was able to obtain the credentials of this email account when an employee replied to the phishing email. According to substitute breach notice posted on their website by the healthcare provider, the email account has been compromised in between 10 June and 27 June, 2018.

A detailed analysis of compromised email account was being conducted by the third-party cybersecurity professionals. These third-party cybersecurity professionals established on 12 December, 2018, that the patient information was potentially been accessed by the attacker. The investigators found that the emails as well as file attachments in compromised email account contain 2,143 patients' PHI (Protected Health Information).

The information types contained in the compromised email account differs for every patient. The following types of information might have been included: patient names, internal patient identification numbers, health insurance information as well as addresses. For a few affected patients, information such as Social Security numbers, diagnoses, and/or treatment information might have been included as well.

Although the attacker might have accessed data, but it was yet to be confirmed. Moreover, there are no reports received which suggest that the patient information has been misused.

United Hospital District has notified 2,143 patients about the breach by mail. Besides, all patients whose Social Security number got exposed were offered free one-year subscription to identity theft restoration and credit monitoring services.

In response to this data breach, the hospital has implemented more email security measures and employees were given more security awareness training.

ยป SPAMfighter News - 3/4/2019

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next