Employee of Oregon State Hospital became victim of a spear-phishing attack

Oregon State Hospital announced that the PHI (Protected Health Information) of some of their patients was possibly compromised, after an employee of Oregon State Hospital became victim of a spear-phishing email.

The employee of Oregon State Hospital has received the email on May 3, 2019. He/she opened that email on May 6, 2019, around 9:50am and clicked a link prompting him/her to type login information, thus allowing suspect to access the account, said Gipson-King.

The unauthorized access has been quickly detected, and steps were taken rapidly to secure the compromised account. Information Technology security of OHA detected this breach around 10:30am and immediately stop access to employee's inbox, said Gipson-King. As the attacker accessed the account for a limited time, so this reduced the possibility for any kind of information in the emails along with attachments to be copied or viewed.

Spear-phishing is the online attack that tries to steal the sensitive data. The attacker generally targets one individual and also disguises themselves as somebody the victim knows, as per Rebeka Gipson-King, relations director of Oregon State Hospital.

At present, Oregon State Hospital is not aware whether the attacker has gained access to the patients PHI during the 40min. when the account has been accessible. Moreover, the hospital has not yet determined which patients were affected. As there is no proof that any type of protected health information has been used inappropriately or copied from their email system, the hospital is informing all the patients that their information had been possibly compromised.

A third-party cybersecurity firm has been hired for conducting an analysis of that compromised account, in order to determine the patients' whose Protected Health Information got exposed. The hospital expects the process could take about 4-6 weeks. After the affected patients will be identified, individual notices will be sent to those confirmed patients whose information was there in that compromised email.

The hospital has already confirmed that the compromised email account contains patient information like full names, diagnoses, medical record numbers, dates of birth, and treatment plans.

The breach was already been reported to the Oregon State Police, however apart from the IP address, the identity of the suspect is unknown.

» SPAMfighter News - 5/27/2019