University of Minnesota Physicians lately encountered a phishing attack that made it possible for unauthorized persons to get access to two employees’ email accounts. One email account was accessible from January 30 to January 31, 2020 and the other account on February 4, 2020 for a brief time frame.
Upon finding out about the breach, University of Minnesota Physicians secured the email accounts right away and had called in third-party forensic investigators to examine the nature and magnitude of the breach. The analysis didn’t reveal any proof that indicates the attacker viewed the email messages in the accounts or obtained patient data. Nevertheless, the probability of data access can’t be eliminated with a high percentage of confidence.
An analysis of the compromised employee accounts revealed they kept the protected health information (PHI) of a number of patients. The types of information in the accounts differed from one patient to another and might have contained name, address, date of birth, date of service, date of death, phone number, medical record number, payment card number, account number, medical insurance details, and medical data. The Social Security number of some patients were also compromised.
University of Minnesota Physicians started mailing notification letters to impacted persons on March 30, 2020, though the investigation was not finished yet. That investigation is done now. The hold up was caused by the careful and long process needed in identifying the pertinent information.
University of Minnesota Physicians mentioned that when the attack occurred, a number of email security measures were set up like multi-factor authentication, frequent training of staff on privacy and security, and conduct of phishing simulations.
Supplemental technology has currently been enforced to even more enhance security. Staff goes through refresher security training. University of Minnesota Physicians also offered the affected individuals complimentary credit monitoring and identity theft protection services for one year via Kroll.
The Office for Civil Rights breach portal published the breach report on March 30, 2020 showing that the attack affected 683 people.
Mcleod Health Experiences Email Account Breach
Mcleod Health based in South Carolina found out that an unauthorized person accessed the email account of one employee. It noticed suspicious email account activity on June 23, 2020 and immediately secured the account.
A complete forensic assessment was done to find out the nature and extent of the breach, which showed the breach happened between April 13, 2020 and April 16, 2020. McLeod Health confirmed on August 19, 2020 that the attacker acquired the information in the email account in April.
McLeod Health is doing an evaluation of the affected email account to identify the data the attacker acquired and the patients impacted. Notifications are going to be mailed to affected persons after the review is done.
McLeod Health had enforced multi-factor authentication earlier to stop the use of compromised credentials to obtain access to email accounts; but, certain internal settings had stopped it from being integrated on a number of devices. That concern is now being attended to and additional security awareness training is made available to employees.