Several Email Accounts breached in a Phishing Attack on the Hematology Oncology Associates

Hematology Oncology Associates based in Medford city of Oregon recently started notifying patients about a possible data breach, which was caused due to months-long phishing attack. Hematology Oncology Associates is independent medical practice, who specializes in the care and treatment of patients with blood disorders and cancer.

Email accounts of a number of employees belonging to Hematology Oncology Associates were compromised after they responded to the phishing emails. On Mar. 19, 2019, the officials of Hematology Oncology Associates detected this phishing incident for the first time. Soon after discovering the phishing incident, they quickly secure all the compromised email accounts. The investigation determined that the email account was breached for the first time on Dec. 18, 2018, with further email accounts getting compromised until Feb. 22, 2019.

The third-party computer forensics investigators were retained in order to investigate about this breach. On Apr. 20, 2019, the breach investigation ended, and it confirmed that a few of the emails along with attachments in compromised email accounts contained patients' PHI (Protected Health Information). However, the officials said that they have not been able to determine whether any of those emails along with attachments were opened by those attackers.

The possibly compromised data in those email accounts included patient names, dates of birth, driver's licenses, Social Security numbers, health insurance member as well as group numbers, payment card information, and financial account data.

A forced password reset was performed on all the employee email accounts in order to prevent future unauthorized access, and the officials added that the employees will receive more security awareness training.

The breach was reported to US Department of Health and Human Services' Office for Civil Rights (OCR) - agency who is responsible for enforcing the data protection law of US healthcare. The state attorneys general were also reported about this breach.

Moreover, all the affected patients have been offered a year of complementary identity theft protection and credit monitoring services membership to the Experian's IdentityWorks. At present, it is not clear how many individuals were affected by this breach.

Despite a drop in the ransomware attacks in various other sectors, healthcare sector continued to remain as the prime target of these cyberattacks.

» SPAMfighter News - 5/29/2019