Another Phishing Attack-Related Breach reported by CTCA

CTCA (Cancer Treatment Centers of America) has discovered that an employee email account of their Southeastern Regional Medical Center was compromised because of responding to one phishing email.

This email account breach takes place on Mar. 10, 2019 when an employee disclosed the network login credentials while responding to a legitimate looking internal email. CTCA has discovered the breach on March 11, 2019, and secured account by changing employee login credentials.

The compromised email account was accessible even not for complete two days, however it is still possible that information might have been viewed in emails as well as email attachments during that time. A third-party computer forensics company was retained for conducting an investigation, and no evidence was found to suggest any type of patient health information has been viewed. However, it was still not possible to completely rule out PHI data theft or access.

The compromised employee email account contain names, medical record numbers, addresses, health insurance information, government ID numbers, and some other medical information. No financial information or Social Security numbers were exposed.

The individuals affected by this breach were informed, and have been also told to remain on alert. In a statement, the officials wrote "as a precaution to protect against potential misuse of your information, we recommend that you regularly monitor any explanation of benefits and other account statements, to check for any unfamiliar changes or items".

In the last 6 months, this is second occasion when a successful phishing attack was reported on CTCA. In Dec. 2018 also, an employee's email account got compromised containing protected health information of around 42,000 patients. That breach happened on May 2 of last year. CTCA was informed regarding the breach on Sep. 26, 2018, and that breach incident has been announced in early Dec. 2018. On the first occasion also, the email account was accessible even not for a complete day.

In response to this recent incident of March 2019, the officials said that they're currently "evaluating potential security enhancements and continuing to educate our workforce about how to identify suspicious emails to help ensure this does not happen in the future".

The breach portal of HHS' Office for Civil Rights indicates that PHI of 16,819 persons was exposed due to the phishing attack.

» SPAMfighter News - 6/4/2019