Phishing Attack on Medical College of Wisconsin Impacts 9,500 Patients

The disclosure of roughly 9,500 patients’ PHI at the Medical College of Wisconsin has been triggered by a phishing attack. The assailants could access many staff members’ electronic mail accounts, which contained a range of confidential information of patients as well as some faculty workers.

The kinds of files in the accessed electronic mail accounts contained names, surgical information, treatment details, medical diagnoses, health insurance details, dates of birth, medical record numbers, dates of service and addresses. Bank account information and Social Security numbers of very few people had been accessed.

The incident occurred during July 21 to July 28 when phishing electronic mails were transferred to specific people at the Medical College of Wisconsin. Responding to those electronic mails led to the assailants accessing electronic mail login particulars.

Medical College of Wisconsin employed a computer forensics company to finish an inquiry into the phishing attack, and although that inquiry found that access to the electronic mail accounts was gotten by illegal people, it wasn’t possible to decide whether electronic mails with PHI had been viewed or accessed, or if any confidential information was acquired. Since the attack, no reports of abuse of PHI have been recorded.

To safeguard people from identity thievery and scam, credit checking and identity thievery reinstatement facilities have been provided for breach victims free of cost, however only to those persons whose Social Security numbers were read.

Medical College of Wisconsin disclosed that besides some faculty workers as well as Medical College of Wisconsin patients, a few people who got the cure at Froedtert Health and Children’s Hospital of Wisconsin have also been impacted by the breach.

The latest Medical College of Wisconsin phishing attack comes only 10 months after a similar case led to the retrieving of 3,200 patients’ PHI.