Network Health Phishing Attack Impacts 51,000 Plan Participants

Wisconsin-based underwriter Network Health has notified 51,232 of its plan participants that unlawful people have probably retrieved some of their PHI.


In August 2017, a few Network Health employees got sophisticated phishing electronic mails. Two of those employees replied to the scam email and revealed their login credentials to the assailants, who used the particulars to gain access to their electronic mail accounts.

The compromised electronic mail accounts contained a variety of sensitive information including names, ID numbers, phone numbers, dates of birth, addresses, and provider information. No Social Security numbers or fiscal data were contained in the compromised accounts, even though certain individuals’ health coverage claim numbers and claim information, were potentially accessed.

The breach was detected swiftly and the affected accounts were shut to restrict the harm caused. An outside cybersecurity consultant was hired to assess the magnitude of the attack and carry out a forensic analysis to decide whether access to other parts of the network had been achieved. The incident was also informed to law enforcement which is also probing the breach.

Chief Administrative Officer of Network Health, Penny Ransom, stated, “As a consequence of this attack, steps are underway to additionally improve the security of operations as well as avoid future happenings.”

Those measures include re-training the staff to assist employees to identify and report phishing electronic mails. A full analysis of safety procedures and processes is also being conducted. All people impacted by the attack have been offered one year of credit checking and identity theft protection facilities without charge.

Among 3 healthcare companies to inform phishing attacks in September was Network Health.  Morehead Memorial Hospital too faced a phishing attack which potentially led to the exposure of PHI of 66,000 sick persons. Arkansas Oral & Facial Surgery Center too confronted a phishing attack that saw ransomware installed. That attack potentially affected 128,000 individuals.