UnityPoint Health Phishing Attack Undermines Many Employee Email Accounts

April 25, 2018


It has been found that UnityPoint Health worker accounts have been undermined and accessed by illegal people.

The worker electronic mail accounts were initially accessed on November 1, 2017 and went on for a duration of 3 months until February 7, 2018, when the phishing attack was found and access to the compromised electronic mail accounts was disallowed.

Upon noticing the phishing attack, UnityPoint Health hired a computer forensics firm to probe the level of the breach and the number of patients that were targeted. The probe found that a wide variety of PHI had possibly been obtained by the hackers, which included names in combination with one or more of the following data elements:

Number of medical records, provider information, insurance data, diagnoses, lab test results, surgical description, treatment details, times of service, and age details.

The Division of Health and Human Services’ breach portal has not yet published the details of the safety breach, therefore it remains unclear precisely how many patients have been in some way affected by the breach. Warnings to people impacted by the breach were first transmitted on April 16, 2018.

Thus far there have been no reports presented to report any health information being used to gain profit. Nevertheless, since PHI might have been stolen by the hackers, The UnityPoint Health business has suggested that anybody who might have been affected must take measures to safeguard against insurance scam and identity theft. Those measures contain checking insurers’ Explanation of Benefits statements, checking accounts for fake activity, and getting in touch with insurers for a complete list of all medical facilities paid under their insurance plan and to carefully study the list for any facilities that have not been administered.

The incident has led to UnityPoint Health boosting security controls to obstruct incidents in the future.