UnityPoint Health Phishing Attack Disclosed PHI of 1.4 Million Patients


Another UnityPoint Health phishing attack has been discovered, and this time it is huge. Hackers have accessed multiple email accounts that contained the PHI of roughly 1.4 million patients.

This incident is the largest healthcare data breach to be reported since August 2016 and the largest healthcare phishing incident reported since the HHS’ Office for Civil Rights began publishing summaries of healthcare data breaches in 2009.

Not only is this breach notable for its scale, it is also remarkable for the amount of data contained in the compromised email accounts. Although the types of data exposed differ by patient, the breach involved names, driver’s license numbers, dates of service, lab test results, surgical information, treatment information, diagnoses, medical record numbers, dates of birth, addresses, Social Security numbers, health insurance data and, for some patients, financial information – a treasure trove of data for identity thieves and fraudsters.

The UnityPoint Health phishing attack appears to have been an attempt to gain access to email accounts in order to fraudulently obtain UnityPoint Health funds, through attempts to divert payroll and vendor payments to bank accounts controlled by cybercriminals. Nevertheless, the theft of PHI cannot be ruled out.

Patients whose financial information, Social Security numbers, or driver’s license numbers have been exposed have been offered a year of credit monitoring and identity theft protection services as a precaution.

The UnityPoint Health phishing attack was typical of many successful phishing attacks on companies. The attackers spoofed the email address of a trusted manager in the company. Numerous employees were fooled and believed the emails to be genuine. When links in the emails were clicked, employees were asked to enter their login credentials, which were captured by the attackers and used to remotely access their email accounts.