29 Michigan health system employees fall victim to phishing attack, exposing patient data

Twenty-nine employees at Munson Healthcare fell victim to a phishing attack that allowed an unauthorized third party access to patient data, according to the Cadillac News.

In a news release, the Traverse City, Mich.-based health system said officials had noticed suspicious activity in employee email accounts. After an investigation in January, Munson Healthcare determined that the unauthorized third party had access to the email accounts between July 31 to Oct. 22, 2019.

It's unclear how many patients were affected. Patient data that may have been exposed included names, dates of birth, insurance information and treatment information. A limited number of financial account numbers, driver's license numbers and Social Security numbers may have also been affected.

Munson Healthcare did not discipline any of the employees for the phishing attack, according the Cadillac News. Rather, employees underwent additional cybersecurity training. Munson Healthcare also implemented additional technical safeguards to ensure a similar incident doesn't happen again.

More articles on cybersecurity:
Texas provider alerts 6,500 patients of phishing attack
Connecticut payer alerts 1,100 members of phishing attack
10 tips for hospitals to mitigate ransomware attacks

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Whitepapers

Featured Webinars