Envision Healthcare Corporation and Biomarin Pharmaceutical Have Email Accounts Compromised

by | Oct 17, 2018

Biomarin Pharmaceutical, based in Novato, CA-based has discovered two staff email accounts have been compromised due to a phishing attack in which a non-permanent employee’s login details were obtained by the hacker.

The attack was noticed on June 21, 2018 and swift action was taken to stop additional unauthorized account access. The investigation into the breach showed that the email accounts had been accessed by an unauthorized person, but it was not possible to discover whether any emails were opened or copied by the hacker.

A review of the compromised accounts suggests a document including names, health insurance data and Social Security numbers may have been on one or both email accounts when the breach occurred.

Due to the nature of impacted data, affected individuals have been advised to implement a fraud alert on their credit files as a precaution against identity theft and fraud and advised to monitor explanation of benefits statements from insurers for medical services which have not been administered.

Biomarin Pharmaceutical has now fully protected its network and has taken measures to stop additional email account breaches.

Meanwhile Portland, OR-based Envision Healthcare Corporation is contacting current and former providers, affiliates, and job applicants to advise them that some of their personal information may have been impacted. The information was included in email accounts which, it has recently been discovered, have been accessed by an unauthorized person.

The email accounts were infiltrated by a third party in July 2018 and included information such as as names, birth dates, Social Security numbers, driver’s license details and financial information. To data, no proof has been discovered to suggest any information has been stolen and misused, although as a precautionary measure against identity theft and fraud, those impacted have been offered complimentary identity theft and credit monitoring services through Experian IdentityWorks’ Credit 3B service.

Envision Healthcare Corporation has already implemented measures to secure its systems and is considering employing the use of multi-factor authentication.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy