Go to listing page

​Partners In Care suffered a phishing attack exposing patients’ medical information

​Partners In Care suffered a phishing attack exposing patients’ medical information
  • Attackers have compromised an employee’s email account via a phishing attack and gained access to patients’ personal information and health information.
  • The compromised information includes patients’ names, dates of birth, medical record numbers and Social Security numbers. It also had details on diagnosis, treatment, medications, and insurance.

What happened?

Attackers have compromised an employee’s email account via a phishing attack and gained access to patients’ personal information and health information.

When did this happen?

The phishing attack occurred between November 17, 2018, and December 12, 2018, however, it was identified on March 04, 2019.

What data was compromised?

  • The compromised information includes patients’ personal information such as names, dates of birth, medical record numbers, and Social Security numbers.
  • The exposed medical information includes patients’ diagnosis, treatment, medications, and insurance details.
  • However, no financial information was compromised in the attack.

What was the immediate action taken?

  • Upon learning the incident, the healthcare firm has conducted an extensive forensic investigation and a manual email review.
  • It has hired external cybersecurity professionals to assist them with the investigation.
  • It has notified the potentially affected patients and has requested them to review their account statements for any suspicious activity.

However, how many patients have been impacted by the incident still remains unknown.

Cyware Publisher

Publisher

Cyware