25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Phishing Attacks Reported by UNC Chapel Hill School of Medicine and Starling Physicians

Posted By on Nov 14, 2019

University of North Carolina Chapel Hill School of Medicine has experienced a phishing attack in which the protected health information of 3,716 patients has potentially been accessed by unauthorized individuals.

An investigation by third-party forensics experts confirmed that several employee email accounts were compromised between May 17, 2018 and June 18, 2018. It is unclear when the security breach was first detected.

The types of information in emails and email attachments in the compromised accounts varied from patient to patient and may have included names, birth dates, demographic information, Social Security numbers, health insurance details, financial account information, and credit card numbers.

Affected individuals were notified about the breach on November 12, 2019. Patients whose Social Security numbers were potentially compromised have been offered complimentary credit monitoring and identity theft protection services.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Multi-factor authentication has now been implemented and employees have been provided with further cybersecurity and phishing awareness training.

Three Email Accounts Compromised in Phishing Attack on Starling Physicians

The Connecticut physician group, Starling Physicians P.C. has announced that the personal and health information of certain patients has potentially been compromised in a phishing attack.

The attack occurred on February 8, 2019 and a third-party forensics firm was engaged to conduct an investigation into the breach and assess the nature on scope of the attack. Three employee email accounts were discovered to have been compromised.

Starling Physicians learned on September 12 that the compromised email accounts contained names, addresses, dates of birth, Social Security numbers, passport numbers, health insurance information, billing information, and medical information of certain patients. It is unclear when the phishing attack was discovered.

Notification letters were sent to affected patients on November 12, 2019. Patients whose Social Security number was potentially compromised have been offered complimentary credit monitoring and identity theft protection services.

The HHS’ Office for Civil Rights breach portal shows 977 patients have been affected by the breach.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist