Network Health Phishing Attack Affects 51,000 Plan Participants

Wisconsin-based insurer Network Health has alerted 51,232 of its plan participants that illegal people have possibly accessed a few their protected health information (PHI).

In August 2017, a few Network Health workers got stylish phishing electronic mails. Two of those workers replied to the scam electronic mail and revealed their login identifications to the assailants, who utilized the particulars to access to their electronic mail accounts.

The compromised electronic mail accounts had a variety of confidential information including names, addresses, phone numbers, ID numbers, dates of birth, and provider information. No Social Security numbers or financial information were contained in the undermined accounts, even though certain people’s health coverage claim numbers, as well as claim information, was possibly accessed.

The breach was noticed swiftly and the impacted accounts were shut to restrict the harm produced. An outside cybersecurity expert was hired to evaluate the magnitude of the attack and carry out a forensic investigation to decide whether access to other portions of the network had been achieved. The case was also informed to police which is also probing the breach.

Network Health’s Chief Administrative Officer, Penny Ransom, said, “As a consequence of this attack, steps are in progress to additionally improve the safety of operations and avoid future happenings.”

Those measures contain re-training the staff to help workers identify and inform phishing electronic mails. A complete analysis of security procedures and processes is also being carried out. All people affected by the attack have been presented one year of credit checking and identity thievery protection facilities free of charge.

Among three healthcare companies to inform phishing attacks in September was Network Health.  Morehead Memorial Hospital also faced a phishing attack which possibly led to the revelation of PHI of 66,000 patients. Arkansas Oral & Facial Surgery Center too faced a phishing attack that saw ransomware installed. This attack possibly affected 128,000 people.