Email Accounts Compromised in Atrium Health Phishing Attack
Charlotte, NC-based Atrium Health, a healthcare provider with 40 hospitals and more than 1,400 care locations in North Carolina, South Carolina, Georgia, and Alabama, has discovered unauthorized access to several employee email accounts.
The unauthorized email account access was detected on April 29, 2024. Its email environment was secured, and a forensic investigation was conducted to determine the nature and scope of the unauthorized activity. The investigation confirmed that an unauthorized third party accessed a limited number of employee email accounts as a result of a phishing campaign. The phishing emails appeared to have been sent by a trusted source and several employees responded and inadvertently disclosed their account credentials, allowing their accounts to be accessed by an unauthorized individual for a short period between April 29 and April 30, 2024.
The account review was completed on July 17, 2024, and confirmed that patients’ protected health information was present in the accounts. It was not possible to determine whether patient data was viewed or acquired; however, the investigation suggested the aim of the unauthorized actor was not to obtain patient data. As a precaution, the affected individuals have been offered complimentary credit monitoring and identity theft protection services.
The exposed data varied from individual to individual and included first and last names in combination with one or more of the following: address, email address, phone number, date of birth, Social Security number, medical record number, driver’s license/state ID number, government/employer identifier, bank/financial account number/information, including routing number, financial institution name, security code/PIN and/or expiration date, treatment/diagnosis, prescription, health insurance and/or treatment cost information, patient identification number, health insurance account/policy number, incidental health references, billing identification number, access credential, and/or digital signatures.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Atrium Health said it is continuing to evaluate and enhance security controls to prevent similar incidents in the future and is providing additional phishing awareness training to the workforce. The data breach has been reported to the HHS’ Office for Civil Rights (OCR) as potentially affecting up to 32,120 individuals.
