Phishing Attack on SouthEast Eye Specialist Group Impacts 13,000 Patients

SouthEast Eye Specialist (SEES) Group in Franklin, TN, is notifying 13,000 patients that some of their protected health information has been exposed as a result of a recent phishing attack.

It is unclear from the SEES Group’s substitute breach notice when the phishing attack occurred, but on November 1, 2019, SEES Group determined patient information was contained in email accounts that were accessed by unknown individuals.

The breach was discovered when the IT department identified suspicious activity in some employee email accounts. A third-party computer forensics company was retained to assist with the investigation and determine whether any emails or email attachments containing patient information had been viewed or copied by the attackers.

The investigation uncovered no evidence to suggest that patient information was viewed or obtained by unauthorized individuals, but it was not possible to rule out the possibility that patient information had been compromised.

A painstaking analysis of all emails in the affected accounts revealed they contained information on patients including names, treatment information, and Social Security numbers.

SEES Group is now reviewing its information security policies and procedures and email security will be augmented to prevent similar incidents from occurring in the future.

2,008 Patients Notified About btyDental Ransomware Attack

btyDental, a network of dental practices in Anchorage, AK, is notifying 2,008 patients about a ransomware attack that involved some of their protected health information.

Ransomware was installed on some of its servers on or around November 17, 2019. The servers contained patients’ X-ray images along with their names. The servers contained no other protected health information, which was stored in systems unaffected by the attack.

Steps were immediately taken to restore the affected servers and third-party IT consultants were retained to assist with the investigation. No evidence was found to suggest any patient images were accessed or obtained by the attackers.

btyDental has reviewed its security policies and procedures and has taken steps to prevent similar attacks from occurring in the future and will continue to evaluate the security of its systems and implement the most up-to-date security measures.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.