Network Health has warned 51,232 of its plan Contributors that a few of their PHI have possibly been retrieved by illegal people.
In August 2017, some Network Health Wisconsin-centered employees got sophisticated phishing emails. Two of those workers responded to the scam electronic mail and divulged their login identifications to the attackers, who utilized the details to gain access to their confidential electronic mail accounts.
The undermined email accounts stowed a range of confidential information including names, addresses, ID numbers, phone numbers, dates of birth, and provider information. No Social Security numbers or financial data were included in the compromised accounts, even though specific peoples’ claim details and health insurance claim numbers were possibly accessed.
The breach was revealed quickly and the impacted accounts were shut down to reduce the harm caused. An outer cybersecurity consultant was hired to assess the level of the attack and perform a forensic investigation to see whether access to other portions of the network had been gotten. The incident was also made known to police which is also investigating the breach.
Network Health’s Chief Administrative Officer, Penny Ransom, stated, “As a result of this attack, steps are underway to further increase the security of procedures and prevent future happenings.”
Those security measures contain re-training the workforce to assist staff members to identify and report phishing electronic mails. A full review of safety procedures and processes is also being completed. All people affected by the attack have been provided one year of credit monitoring and identity thievery protection facilities for free.
Network Health was among three healthcare groups to report phishing attacks in September. Morehead Memorial Hospital faced a phishing attack that possibly led to the exposure of 66,000 patients’ PHI.