Emotet Malware possibly exfiltrated PHI of patients in Oregon Endodontic Group

Oregon Endodontic Group discovered that malware got installed in an office computer, thus potentially exporting data contained in office's email account.

The breach has been discovered first on Nov. 13, 2018, when officials of Oregon Endodontic Group noticed suspicious activity in an email account that was used at their offices.

Officials of Oregon Endodontic Group said that third-party forensics firm was hired by them in order to help in investigating the incident, as well as to identify the scope and nature of this security breach. The third-party forensics firm confirmed that Emotet malware variant had been downloaded in an office computer.

Emotet malware variant is one of the commonest malware strains that had been seen last year in healthcare sector, as per a recent report of Malwarebytes Lab. The Emotet malware variant started as banking trojan, but later has evolved to use the exploits in order to infect the computers, monitor network traffic, steal data, and spread other malware. In fact, the variant can send emails to the contacts of victims' also.

The third-party computer forensics firm is not able to confirm whether any type of email data got exfiltrated, although the possibility cannot be ruled out.

The concerned email account was analyzed in order to find out whether it contains any PHI. The analysis got completed on Feb. 11, 2019. The email account contains various types of information such as names, date of birth, health insurance information, diagnosis information, and treatment information. It was found that: Name along with the Social Security number of 41 individuals got exposed; whereas name along with financial information of seven individuals and name along with driver's license number of two individuals got exposed.

The breach portal of HHS' Office for Civil Rights shows that 2,952 patients were impacted by this breach. All these patients in Oregon Endodontic Group are being notified about a possible data breach, after the office computer got infected with Emotet malware variant.

Oregon Endodontic Group also has engaged services of one IT security firm that is assessing the security controls, and more safeguards will be implemented in order to enhance the security.

» SPAMfighter News - 4/30/2019