5,000 Patients of Metrocare Services affected by the Second Phishing Attack in last few months

Metrocare Services, a mental health services provider in North Texas, got affected by the second phishing attack in last few months. This second phishing attack saw an unauthorized individual accessing email accounts of a number of employees.

The breach was discovered first by the officials on Feb. 6, 2019. Soon after discovering the breach, the compromised email accounts were secured so as to stop further access and an investigation has been launched. The investigation found that the email accounts got first compromised in Jan. 2019.

The breach investigation by the officials did not find any evidence that will suggest emails containing the Protected Health Information (PHI) was accessed or copied by the hacker, but PHI access as well as theft cannot be ruled out.

An analysis of this affected accounts revealed that they contained the PHI of 5,290 patients. On Apr. 5, 2019, notifications were sent to the patients about the information that could possibly been accessed because of the attack and may vary patient to patient i.e. name, health insurance information, driver's license information, date of birth, health information associated to services provided by the Metrocare, and Social Security numbers for certain patients.

The patients whose Social Security number got exposed were offered 12 months of free access to the credit monitoring and identity theft protection services.

"To help prevent something like this from happening in the future, we are taking steps to add additional security measures to our current information technology infrastructure, including strengthening the security of our e-mail system and have implemented multi-factor authentication on its email systems," said the officials in a statement.

This is not for the first-time that Metrocare Services experienced a phishing attack. Just five months before this January 2019 phishing attack, 1,800 patients PHI got compromised in an identical kind of attack. At that time, the officials first discovered breach in September on a number of employee email accounts. However, the access began in August. After this August 2018 attack also, Metrocare Services said that it was strengthening security of their email system as well provided more training to the employees so as to help them in identifying possible phishing attacks.

Had they implemented multifactor authentication after first phishing attack, then this second and larger breach could possibly have been prevented.

» SPAMfighter News - 5/9/2019