Network Health has advised 51,232 of its plan subscribers that some of their protected health information (PHI) has possibly been accessed by unauthorized people.
In August 2017, some Network Health Wisconsin-based employees received sophisticated phishing emails. Two of those staff members responded to the scam email and divulged their login credentials to the attackers, who used the details to gain access to their private email accounts.
The compromised email accounts stored a range of sensitive information including names, phone numbers, addresses, dates of birth, ID numbers, and provider data. No financial data or Social Security numbers were included in the compromised accounts, although certain people’s health insurance claim numbers and claim details were potentially accessed.
The breach was discovered quickly and the affected accounts were shut down to limit the harm caused. An external cybersecurity consultant was brought in to assess the extent of the attack and perform a forensic analysis to see whether access to other parts of the network had been gained. The incident was also reported to law enforcement agencies, which are investigating the breach.
Penny Ransom, Network Health’s Chief Administrative Officer, stated, “As a result of this attack, steps are underway to further improve the security of operations and prevent future incidents.”
Those security measures include re-training the workforce to help staff members recognize and report phishing emails. A full review of security processes and procedures is also being completed. All people impacted by the attack have been offered one year of credit monitoring and identity theft protection services for free.
Network Health was one of three healthcare groups to report phishing attacks in September. Morehead Memorial Hospital suffered a phishing attack that possibly resulted in the exposure of 66,000 patients’ PHI.