Share this article on:
Wisconsin-based insurer Network Health has notified 51,232 of its plan members that some of their protected health information (PHI) has potentially been accessed by unauthorized individuals.
In August 2017, some Network Health employees received sophisticated phishing emails. Two of those employees responded to the scam email and divulged their login credentials to the attackers, who used the details to gain access to their email accounts.
The compromised email accounts contained a range of sensitive information including names, phone numbers, addresses, dates of birth, ID numbers, and provider information. No financial information or Social Security numbers were included in the compromised accounts, although certain individuals’ health insurance claim numbers and claim information was potentially accessed.
The breach was detected rapidly and the affected accounts were shut down to limit the harm caused. An external cybersecurity consultant was brought in to assess the extent of the attack and perform a forensic analysis to determine whether access to other parts of the network had been gained. The incident was also reported to law enforcement which is also investigating the breach.
Penny Ransom, Network Health’s Chief Administrative Officer said, “As a result of this attack, steps are underway to further improve the security of operations and prevent future incidents.”
Those measures include re-training the workforce to help employees recognize and report phishing emails. A full review of security processes and procedures is also being conducted. All individuals impacted by the attack have been offered one year of credit monitoring and identity theft protection services without charge.
Network Health was one of three healthcare organizations to report phishing attacks in September. Morehead Memorial Hospital experienced a phishing attack that potentially resulted in the exposure of 66,000 patients’ PHI. Arkansas Oral & Facial Surgery Center also fell victim to a phishing attack that saw ransomware installed. That attack potentially impacted 128,000 individuals.