UC Health became victim of phishing attack possibly compromising patient information

UC Health in Ohio's Cincinnati city has suffered from a data breach after a few of their employees became victim of a phishing attack, thus possibly compromising the patient information.

UC Health disclosed on Sept. 4, 2019, that on Jul. 6, 2019, they became aware about a phishing attack that led to unauthorized access. Upon discovery, the healthcare provider has immediately taken the required steps for securing the compromised employee email accounts. Moreover, UC Health has also launched an investigation, which found that unauthorized third-parties have gained access to email accounts of several employees in between Jul. 6, 2019, and Jul. 12, 2019. However, they did not disclose the exact number of employee email accounts that were compromised.

The compromised employee email accounts contain the patient information like names, medical record numbers, dates of birth, as well as some clinical information. But, till date, it was not determined whether the hackers' has opened, accessed or/and copied any data that was stored in emails or the email attachments. Also, no indication was found till now that any kind of patient information was misused, stated the hospital system.

UC Health is reviewing emails as well as attachments in the compromised employee email accounts for identifying the patients whose information may have been accessible to unauthorized person.

In response to this incident, the officials have said that they are providing more education to its employees so as to help them in identifying and avoiding malicious emails, such as phishing. The UC Health is also improving their email security. All this will help to prevent such kind of incidents from taking place in the future.

"UC Health takes the privacy and confidentiality of its patients' information very seriously, and deeply regrets any inconvenience or concern this incident may cause its patients," said UC Health in one security notice.

UC Health has also recommended that patients should review the statements they will get from their healthcare providers. Anybody noticing services they did not receive, should contact their provider immediately.

A dedicated call center was also established by UC Health for the patients having questions. So, those concerned about this incident can call at 833-496-0187 from 9a.m. to 6:30p.m. on weekdays.

» SPAMfighter News - 9/18/2019