More than 1,650 Patients of the Carle Foundation Hospital got impacted by a phishing attack

Carle Foundation Hospital, at City of Urbana in Illinois State of United States, has suffered from data breach incident when an unauthorized third-party has gained access to three physicians' email accounts.

The unauthorized third-party was successful in gaining access of the three physicians' email accounts when they became victim of a phishing attack. As a result of this, 1,653 patients' data got compromised for approximately three weeks. The security breach has been detected on Jun. 24 of the current year (i.e. 2019).

Upon learning about this data breach incident, the Carle Foundation Hospital has immediately secured all the three compromised email accounts. In addition, the healthcare organization has also hired a leading third-party cybersecurity company as well as launched an investigation so as to determine what kind of information might have been impacted.

The investigation has revealed that those three physicians' email accounts got compromised three weeks earlier on Jun. 3, 2019. With assistance of one third-party cybersecurity company, the Carle Foundation Hospital based in Urbana city of Illinois determined that those compromised email accounts contains patient information like names, dates of birth, medical record numbers, as well as clinical information like treatment and diagnosis plan. However, no financial information or Social Security numbers have been contained in those three physicians' email accounts.

"We have no indication the unauthorized person used patient information in any way or viewed the emails containing patient information," said the Carle Foundation Hospital in one of their press release.

As per a press release of the Carle Foundation Hospital, this phishing incident has only impacted the patients who have received the surgery or cardiology services at the hospital.

No evidence of PHI misuse or data theft has been detected, and the notifications have been sent just as a precautionary measure. However, the Carle Foundation Hospital is still recommending the patients to review any statements that they will receive from their providers.

To prevent this kind of phishing incidents from taking place in future, additional security training has been provided to the Carle Foundation employees as well as the email security of Carle Foundation Hospital has been enhanced.

» SPAMfighter News - 9/30/2019