[BreachExchange] 29 Michigan health system employees fall victim to phishing attack, exposing patient data
Destry Winant
destry at riskbasedsecurity.com
Fri Feb 28 10:29:16 EST 2020
https://www.beckershospitalreview.com/cybersecurity/29-michigan-health-system-employees-fall-victim-to-phishing-attack-exposing-patient-data.html
Twenty-nine employees at Munson Healthcare fell victim to a phishing
attack that allowed an unauthorized third party access to patient
data, according to the Cadillac News.
In a news release, the Traverse City, Mich.-based health system said
officials had noticed suspicious activity in employee email accounts.
After an investigation in January, Munson Healthcare determined that
the unauthorized third party had access to the email accounts between
July 31 to Oct. 22, 2019.
It's unclear how many patients were affected. Patient data that may
have been exposed included names, dates of birth, insurance
information and treatment information. A limited number of financial
account numbers, driver's license numbers and Social Security numbers
may have also been affected.
Munson Healthcare did not discipline any of the employees for the
phishing attack, according the Cadillac News. Rather, employees
underwent additional cybersecurity training. Munson Healthcare also
implemented additional technical safeguards to ensure a similar
incident doesn't happen again.
More information about the BreachExchange
mailing list