Linkedin-in
Subscribe

Phishing Attack on Legacy Health Leads to Disclosure of 38,000 Patients’ PHI

August 21, 2018

Legacy Health has found an illegal person has gained access to its electronic mail system and the protected health information (PHI) of roughly 38,000 patients.
The Portland, OR-based health system manages two local hospices, four community hospices, and 70 health centers in Oregon, Southwest Washington, and the Mid-Willamette Valley and is the second biggest health organization in the Portland Metro Area.
The data break was found on June 21, 2018, even though the electronic mail accounts were first retrieved by an illegal person in May. Legacy Health concluded that access was gained to the electronic mail accounts as a consequence of workers being fooled by phishing electronic mails.
Electronic mail breaks can take a substantial amount of time to probe. While tools are available to scan electronic mail accounts for PHI, many of the electronic mails in undermined accounts must be separately checked, which can involve manual checks of hundreds of thousands of messages. As per Legacy Health Spokesperson Kelly Love, “We’ve been moving at as fast a pace as we can to be thorough and clear.”
To speed up the inquiry, Legacy Health retained a prominent computer forensics company to probe and help with the break reaction. That probe disclosed information such as names, driver’s license numbers, billing information, medical information relating to care provided at Legacy Health facilities, health insurance details, birth dates, and Social Security numbers might all have been retrieved. Legacy Health isn’t conscious of any patient information being abused.
Notices were sent to affected people on August 20 and all patients whose Social Security number or driver’s license number was disclosed have been offered credit checking facilities for 12 months without a fee.
A media notification was provided to The Oregonian and the Division of Health and Human Services has been informed inside the 60-day window allowed by the HIPAA Break Notification Law. Steps are also being taken to improve electronic mail safety and avoid any further breaks of PHI.

Tags

Stan Martin

Stan Martin

Stan Martin is a journalist writing about all aspects of the healthcare sector. Stan's reporting spans a wide array of topics within healthcare, from medical advancements and health policy to patient care and the economic aspects of the healthcare industry. Stan has contributed hundreds of news articles to Healthcare IT Journal, demonstrating a commitment to delivering factual, comprehensive news.

Get the free newsletter

Discover everything you need to become HIPAA compliant
Please enable JavaScript in your browser to complete this form.
Name
  • United States+1
  • United Kingdom+44
  • Afghanistan+93
  • Albania+355
  • Algeria+213
  • American Samoa+1
  • Andorra+376
  • Angola+244
  • Anguilla+1
  • Antigua & Barbuda+1
  • Argentina+54
  • Armenia+374
  • Aruba+297
  • Ascension Island+247
  • Australia+61
  • Austria+43
  • Azerbaijan+994
  • Bahamas+1
  • Bahrain+973
  • Bangladesh+880
  • Barbados+1
  • Belarus+375
  • Belgium+32
  • Belize+501
  • Benin+229
  • Bermuda+1
  • Bhutan+975
  • Bolivia+591
  • Bosnia & Herzegovina+387
  • Botswana+267
  • Brazil+55
  • British Indian Ocean Territory+246
  • British Virgin Islands+1
  • Brunei+673
  • Bulgaria+359
  • Burkina Faso+226
  • Burundi+257
  • Cambodia+855
  • Cameroon+237
  • Canada+1
  • Cape Verde+238
  • Caribbean Netherlands+599
  • Cayman Islands+1
  • Central African Republic+236
  • Chad+235
  • Chile+56
  • China+86
  • Christmas Island+61
  • Cocos (Keeling) Islands+61
  • Colombia+57
  • Comoros+269
  • Congo - Brazzaville+242
  • Congo - Kinshasa+243
  • Cook Islands+682
  • Costa Rica+506
  • Croatia+385
  • Cuba+53
  • Curaçao+599
  • Cyprus+357
  • Czechia+420
  • Côte d’Ivoire+225
  • Denmark+45
  • Djibouti+253
  • Dominica+1
  • Dominican Republic+1
  • Ecuador+593
  • Egypt+20
  • El Salvador+503
  • Equatorial Guinea+240
  • Eritrea+291
  • Estonia+372
  • Eswatini+268
  • Ethiopia+251
  • Falkland Islands+500
  • Faroe Islands+298
  • Fiji+679
  • Finland+358
  • France+33
  • French Guiana+594
  • French Polynesia+689
  • Gabon+241
  • Gambia+220
  • Georgia+995
  • Germany+49
  • Ghana+233
  • Gibraltar+350
  • Greece+30
  • Greenland+299
  • Grenada+1
  • Guadeloupe+590
  • Guam+1
  • Guatemala+502
  • Guernsey+44
  • Guinea+224
  • Guinea-Bissau+245
  • Guyana+592
  • Haiti+509
  • Honduras+504
  • Hong Kong SAR China+852
  • Hungary+36
  • Iceland+354
  • India+91
  • Indonesia+62
  • Iran+98
  • Iraq+964
  • Ireland+353
  • Isle of Man+44
  • Israel+972
  • Italy+39
  • Jamaica+1
  • Japan+81
  • Jersey+44
  • Jordan+962
  • Kazakhstan+7
  • Kenya+254
  • Kiribati+686
  • Kosovo+383
  • Kuwait+965
  • Kyrgyzstan+996
  • Laos+856
  • Latvia+371
  • Lebanon+961
  • Lesotho+266
  • Liberia+231
  • Libya+218
  • Liechtenstein+423
  • Lithuania+370
  • Luxembourg+352
  • Macao SAR China+853
  • Madagascar+261
  • Malawi+265
  • Malaysia+60
  • Maldives+960
  • Mali+223
  • Malta+356
  • Marshall Islands+692
  • Martinique+596
  • Mauritania+222
  • Mauritius+230
  • Mayotte+262
  • Mexico+52
  • Micronesia+691
  • Moldova+373
  • Monaco+377
  • Mongolia+976
  • Montenegro+382
  • Montserrat+1
  • Morocco+212
  • Mozambique+258
  • Myanmar (Burma)+95
  • Namibia+264
  • Nauru+674
  • Nepal+977
  • Netherlands+31
  • New Caledonia+687
  • New Zealand+64
  • Nicaragua+505
  • Niger+227
  • Nigeria+234
  • Niue+683
  • Norfolk Island+672
  • North Korea+850
  • North Macedonia+389
  • Northern Mariana Islands+1
  • Norway+47
  • Oman+968
  • Pakistan+92
  • Palau+680
  • Palestinian Territories+970
  • Panama+507
  • Papua New Guinea+675
  • Paraguay+595
  • Peru+51
  • Philippines+63
  • Poland+48
  • Portugal+351
  • Puerto Rico+1
  • Qatar+974
  • Romania+40
  • Russia+7
  • Rwanda+250
  • Réunion+262
  • Samoa+685
  • San Marino+378
  • Saudi Arabia+966
  • Senegal+221
  • Serbia+381
  • Seychelles+248
  • Sierra Leone+232
  • Singapore+65
  • Sint Maarten+1
  • Slovakia+421
  • Slovenia+386
  • Solomon Islands+677
  • Somalia+252
  • South Africa+27
  • South Korea+82
  • South Sudan+211
  • Spain+34
  • Sri Lanka+94
  • St. Barthélemy+590
  • St. Helena+290
  • St. Kitts & Nevis+1
  • St. Lucia+1
  • St. Martin+590
  • St. Pierre & Miquelon+508
  • St. Vincent & Grenadines+1
  • Sudan+249
  • Suriname+597
  • Svalbard & Jan Mayen+47
  • Sweden+46
  • Switzerland+41
  • Syria+963
  • São Tomé & Príncipe+239
  • Taiwan+886
  • Tajikistan+992
  • Tanzania+255
  • Thailand+66
  • Timor-Leste+670
  • Togo+228
  • Tokelau+690
  • Tonga+676
  • Trinidad & Tobago+1
  • Tunisia+216
  • Turkey+90
  • Turkmenistan+993
  • Turks & Caicos Islands+1
  • Tuvalu+688
  • U.S. Virgin Islands+1
  • Uganda+256
  • Ukraine+380
  • United Arab Emirates+971
  • United Kingdom+44
  • United States+1
  • Uruguay+598
  • Uzbekistan+998
  • Vanuatu+678
  • Vatican City+39
  • Venezuela+58
  • Vietnam+84
  • Wallis & Futuna+681
  • Western Sahara+212
  • Yemen+967
  • Zambia+260
  • Zimbabwe+263
  • Åland Islands+358

Read Next

Linkedin-in
Healthcare IT Journal Offers
The Latest Actionable News In Healthcare IT

News

Get the free newsletter

Please enable JavaScript in your browser to complete this form.
Name
  • United States+1
  • United Kingdom+44
  • Afghanistan+93
  • Albania+355
  • Algeria+213
  • American Samoa+1
  • Andorra+376
  • Angola+244
  • Anguilla+1
  • Antigua & Barbuda+1
  • Argentina+54
  • Armenia+374
  • Aruba+297
  • Ascension Island+247
  • Australia+61
  • Austria+43
  • Azerbaijan+994
  • Bahamas+1
  • Bahrain+973
  • Bangladesh+880
  • Barbados+1
  • Belarus+375
  • Belgium+32
  • Belize+501
  • Benin+229
  • Bermuda+1
  • Bhutan+975
  • Bolivia+591
  • Bosnia & Herzegovina+387
  • Botswana+267
  • Brazil+55
  • British Indian Ocean Territory+246
  • British Virgin Islands+1
  • Brunei+673
  • Bulgaria+359
  • Burkina Faso+226
  • Burundi+257
  • Cambodia+855
  • Cameroon+237
  • Canada+1
  • Cape Verde+238
  • Caribbean Netherlands+599
  • Cayman Islands+1
  • Central African Republic+236
  • Chad+235
  • Chile+56
  • China+86
  • Christmas Island+61
  • Cocos (Keeling) Islands+61
  • Colombia+57
  • Comoros+269
  • Congo - Brazzaville+242
  • Congo - Kinshasa+243
  • Cook Islands+682
  • Costa Rica+506
  • Croatia+385
  • Cuba+53
  • Curaçao+599
  • Cyprus+357
  • Czechia+420
  • Côte d’Ivoire+225
  • Denmark+45
  • Djibouti+253
  • Dominica+1
  • Dominican Republic+1
  • Ecuador+593
  • Egypt+20
  • El Salvador+503
  • Equatorial Guinea+240
  • Eritrea+291
  • Estonia+372
  • Eswatini+268
  • Ethiopia+251
  • Falkland Islands+500
  • Faroe Islands+298
  • Fiji+679
  • Finland+358
  • France+33
  • French Guiana+594
  • French Polynesia+689
  • Gabon+241
  • Gambia+220
  • Georgia+995
  • Germany+49
  • Ghana+233
  • Gibraltar+350
  • Greece+30
  • Greenland+299
  • Grenada+1
  • Guadeloupe+590
  • Guam+1
  • Guatemala+502
  • Guernsey+44
  • Guinea+224
  • Guinea-Bissau+245
  • Guyana+592
  • Haiti+509
  • Honduras+504
  • Hong Kong SAR China+852
  • Hungary+36
  • Iceland+354
  • India+91
  • Indonesia+62
  • Iran+98
  • Iraq+964
  • Ireland+353
  • Isle of Man+44
  • Israel+972
  • Italy+39
  • Jamaica+1
  • Japan+81
  • Jersey+44
  • Jordan+962
  • Kazakhstan+7
  • Kenya+254
  • Kiribati+686
  • Kosovo+383
  • Kuwait+965
  • Kyrgyzstan+996
  • Laos+856
  • Latvia+371
  • Lebanon+961
  • Lesotho+266
  • Liberia+231
  • Libya+218
  • Liechtenstein+423
  • Lithuania+370
  • Luxembourg+352
  • Macao SAR China+853
  • Madagascar+261
  • Malawi+265
  • Malaysia+60
  • Maldives+960
  • Mali+223
  • Malta+356
  • Marshall Islands+692
  • Martinique+596
  • Mauritania+222
  • Mauritius+230
  • Mayotte+262
  • Mexico+52
  • Micronesia+691
  • Moldova+373
  • Monaco+377
  • Mongolia+976
  • Montenegro+382
  • Montserrat+1
  • Morocco+212
  • Mozambique+258
  • Myanmar (Burma)+95
  • Namibia+264
  • Nauru+674
  • Nepal+977
  • Netherlands+31
  • New Caledonia+687
  • New Zealand+64
  • Nicaragua+505
  • Niger+227
  • Nigeria+234
  • Niue+683
  • Norfolk Island+672
  • North Korea+850
  • North Macedonia+389
  • Northern Mariana Islands+1
  • Norway+47
  • Oman+968
  • Pakistan+92
  • Palau+680
  • Palestinian Territories+970
  • Panama+507
  • Papua New Guinea+675
  • Paraguay+595
  • Peru+51
  • Philippines+63
  • Poland+48
  • Portugal+351
  • Puerto Rico+1
  • Qatar+974
  • Romania+40
  • Russia+7
  • Rwanda+250
  • Réunion+262
  • Samoa+685
  • San Marino+378
  • Saudi Arabia+966
  • Senegal+221
  • Serbia+381
  • Seychelles+248
  • Sierra Leone+232
  • Singapore+65
  • Sint Maarten+1
  • Slovakia+421
  • Slovenia+386
  • Solomon Islands+677
  • Somalia+252
  • South Africa+27
  • South Korea+82
  • South Sudan+211
  • Spain+34
  • Sri Lanka+94
  • St. Barthélemy+590
  • St. Helena+290
  • St. Kitts & Nevis+1
  • St. Lucia+1
  • St. Martin+590
  • St. Pierre & Miquelon+508
  • St. Vincent & Grenadines+1
  • Sudan+249
  • Suriname+597
  • Svalbard & Jan Mayen+47
  • Sweden+46
  • Switzerland+41
  • Syria+963
  • São Tomé & Príncipe+239
  • Taiwan+886
  • Tajikistan+992
  • Tanzania+255
  • Thailand+66
  • Timor-Leste+670
  • Togo+228
  • Tokelau+690
  • Tonga+676
  • Trinidad & Tobago+1
  • Tunisia+216
  • Turkey+90
  • Turkmenistan+993
  • Turks & Caicos Islands+1
  • Tuvalu+688
  • U.S. Virgin Islands+1
  • Uganda+256
  • Ukraine+380
  • United Arab Emirates+971
  • United Kingdom+44
  • United States+1
  • Uruguay+598
  • Uzbekistan+998
  • Vanuatu+678
  • Vatican City+39
  • Venezuela+58
  • Vietnam+84
  • Wallis & Futuna+681
  • Western Sahara+212
  • Yemen+967
  • Zambia+260
  • Zimbabwe+263
  • Åland Islands+358
Linkedin-in

© 2024 Healthcare IT Journal

© 2023 Healthcare IT Journal

Get the free newsletter

Discover everything you need to become HIPAA compliant
Please enable JavaScript in your browser to complete this form.
Name