Chase Brexton Health Care has reported that the group experienced a phishing cyber attack on August 2 and August 3, 2017 and may have affected as many as 16,562 patients.
The cyber attack involved multiple phishing emails being delivered to the inboxes of its employees. Phishing attacks normally take the form of fake invoices and fake package delivery alerts, although these emails claimed to be surveys. After employees submitted the surveys they were asked to enter their login details. Four employees were duped by the scam and revealed their user account credentials.
The phishing attack was identified on August 4 and access to the employees’ accounts was restricted. However, on August 2 and 3, the accounts of those unfortunate employees were accessed and the cyber attackers re-routed employee payments to their own bank account(s).
While the motivation behind the phishing attack did not seem to be to gain access to patient details, it is probable that some patients’ PHI was accessed and stolen. Chase Brexton Health Care has warned patients of the breach and adviseded them that PHI access is not suspected, although out of an abundance of care, patients are being offered complimentary identity theft repair services.
The types of data potentially accessed was restricted to names, addresses, dates of birth, patient ID numbers, provider name, diagnosis codes, service location, line of service, visit descriptions, medication details, and insurance details.
The investigation into the phishing attack is ongoing, and while details of the attackers’ bank account are known, the people responsible for the attack have not been identified. A third-party has been hired to complete an investigation into the phishing attack.
Apart from restricting access to the compromised accounts by altering passwords, Chase Brexton Health Care has put in place a new email spam filtering system to enhance protection against phishing attacks, staff have received more training and new security procedures have been adapted.