Bryn Mawr, Pa.-based Main Line Health System is the latest health system to fall victim to spear phishing — a cyber crime tactic in which criminals reach out through email or other means to procure personal information from employees.
On March 1, the system learned of a Feb. 16 incident in which an employee received an email request for information on employees and, thinking it was real, sent the information. After the IRS issued a warning about an increase in this type of cyberattack this tax season, system officials realized that an incident had occurred.
"The safety and security of Main Line Health's employees is our priority, and we are establishing resources to provide our employees with as much support as possible during this time," Jack Lynch, president and CEO of Main Line Health, said in a statement.
Patient information has not been compromised, but Main Line is offering free credit monitoring for all of its employees and has set up a call center to provide information and field questions about the breach.