Kaleida Health reports 2nd phishing attack in 2 months

Buffalo, N.Y.-based Kaleida Health began notifying affected patients about a phishing incident Aug. 25.

Kaleida Health officials on June 26 discovered an unauthorized individual may have accessed an employee's email account. Officials immediately hired an outside computer forensic firm to investigate the incident.

The investigation determined the unauthorized individual may have gained access to a small number of Kaleida Health email accounts, which may have included patient names, medical record numbers and diagnoses, among other information.

Officials reported 744 individuals were affected in the incident, according to an Aug. 25 submission to HHS' Office for Civil Rights breach portal.

There is no evidence patient information has been misused, according to Kaleida Health officials. However, officials are offering credit monitoring services to patients whose Social Security numbers may have been exposed.

The notification follows a separate security incident, in which Kaleida Health officials began notifying 2,789 patients July 21. In the earlier incident, hospital officials learned an unauthorized third party may have accessed one of its employee's email accounts May 24, also after a phishing attack.

Click here to view the full notice.

Editor's note: Becker's Hospital Review reached out to Kaleida Health for comment and will update as more information becomes available.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars