A phishing scam targeting St. Louis University employees led to the disclosure of the personal health information of approximately 3,000 people.
The university announced the incident, in which some university employees responded to personal information requests from fraudulent but official-looking emails, appears to have been targeting the employees' financial information. Some of the employees who responded to the scam were University physicians, and their disclosures led to unauthorized access to about 20 email accounts containing the protected health information of the 3,000 affected people.
While the university does not believe the personal health information stored in the email accounts was accessed, a letter has been sent to all those affected, notifying them of the incident and offering one year of identity theft protection and restoration services.
More Articles on Data Breaches:
CaroMont Security Breach Affects 1,310
UnityPoint Data Breach Affects 1,800 Patients
St. Mary's Janesville Hospital Informs Patients of Possible Data Breach