Protected Health Information of 23,811 patients of Palmetto Health exposed in a phishing attack
The threat from phishing attacks is growing more rapidly than ever before. Healthcare organizations are now required to implement proper security measures to protect their patients' information; otherwise they are susceptible to a data breach.
Palmetto Health, now called Prisma Health and based in South Carolina, has suffered a phishing attack that resulted in numerous email accounts being accessed by unauthorized individuals.
Palmetto Health fell prey to a phishing scam when several emails containing a malicious hyperlink were sent to its employees. Employees who clicked the link were directed to a web page that appeared realistic and asked them to provide their email credentials. Once the employees entered their credentials, the attackers had that information and used it to gain access to those email accounts.
Upon discovery, access to the compromised accounts was blocked and a third-party forensics firm was hired. The firm conducted an investigation to determine the extent and nature of the breach, and whether any patients' Protected Health Information (PHI) was exposed.
The third-party forensics firm found that the first email account was compromised in Nov. 2018. The emails were checked manually to determine whether they contained any PHI, so the review took some time to complete. The review was completed on Feb. 19, 2019, and revealed that the protected health information of 23,811 patients had been exposed. All of them are being notified by Palmetto Health about this possible breach.
The exposed information was limited to names along with information used by Palmetto Health while providing consultation or treatment. A few emails also contained financial information, health insurance information, and/or Social Security numbers.
"We believe the purpose of the unauthorized access was to gain access to payroll information," said officials of Palmetto Health in a statement. No evidence was found to suggest that patient information was accessed or copied; however, data theft cannot be ruled out.
Moreover, complimentary identity theft protection and credit monitoring services were offered to all patients whose financial information may have been accessed.
» SPAMfighter News - 5/6/2019