Reliable Respiratory, a Norwood, MA-based respiratory care organisation has been subjected to a phishing attack that has impacted several thousand of its clients.
A cyberattack was first noticed on July 3, 2018, after the detection of unusual activity in an staff member’s email account. An official review was launched to deduce the cause of that activity, which showed the staff member had been targeted with a phishing campaign. The reaction to a phishing email lead to the disclosure of that person’s login details.
The unusual account activity was discovered on July 3 and the account was quickly secured. Computer forensic contractors were brought in to determine the manner of the breach. The breach investigation showed that the account had been accessed by an unauthorized person between June 28 and July 2. An analysis of the emails contained in the account suggested a wide range of protected health information could potentially have been accessed by the hacker.
Patients are now being alerted of the breach by mail and have been warned to monitor their account statements and explanation of benefits statements carefully for signs of identity theft and fraud. There was no reference in the substitute breach notice about whether credit monitoring and identity theft protection services are being provided to affected patients.
Patients impacted by the breach may have had the following range of protected health information impacted: Name, date of birth, medical record number, medical diagnosis, treatment information, medication/prescription information, username and password details, patient claim/billing data, health insurance information, driver’s license number, state identification number, Social Security number, passport number, bank or financial account information, and credit or debit card details.
Reliable Respiratory will be putting in place extra measures to improve the security of its systems and will update its policies and procedures to reduce the risk of experiencing future phishing attacks.
The report sent to the Department of Health and Human Services’ Office for Civil Rights (OCR) states that 21,311 patients were impacted by the phishing attack.
Email Security Incident at Carpenters Benefit Funds of Philadelphia
A similarly sized HIPAA violation breach was reported to OCR by Carpenters Benefit Funds of Philadelphia on August 31, 2018. The email hacking incident lead to the exposure and possible theft of 20,015 plan members’ details.
A substitute breach notice has not yet been published to the Carpenters Benefit Funds of Philadelphia web portal and a prominent media outlet does not appear to have been made aware of the breach at the time of writing, so the precise manner of the breach is not yet public.