BreachExchange mailing list archives
Texas health system alerts 66, 000 patients of phishing scheme
From: Destry Winant <destry () riskbasedsecurity com>
Date: Tue, 18 Feb 2020 09:01:34 -0600
https://www.beckershospitalreview.com/cybersecurity/texas-health-system-alerts-66-000-patients-of-phishing-scheme.html Decatur, Texas-based Wise Health System began notifying 66,934 patients that their protected health information may have been exposed in a phishing attack, according to a Feb. 13 news release. On March 14, 2019, several employees at Wise Health System fell victim to a phishing email. In the email, hackers asked employees to disclose their account credentials. After employees provided the information, the hackers attempted to reroute payroll direct deposits. Wise Health System estimates that the hackers attempted to redirect around 100 direct deposit payments. However, the health system has a policy requiring a paper check be printed for two successive payrolls after a change to direct deposit information, which helped them discover the security breach. In April, Wise Health System officials were suspicious about an unusually high number of printed checks. The health system issued a system-wide password change and hired a third-party forensic team to investigate. Upon investigation, Wise Health System believes that the hackers were only trying to reroute direct deposits. However, since the attackers gained access to employees' email accounts, Wise Health System is notifying patients whose information was stored in the email accounts. Patient data that may have been exposed included names, medical record numbers, diagnostic information, treatment information and health insurance information. Wise Health System said there is no evidence that patient data has been misused or even viewed. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Texas health system alerts 66, 000 patients of phishing scheme Destry Winant (Feb 18)