In October, Ozarks Orthopaedics discovered unusual activity in its email system. After an investigation, the organization determined that four employees had fallen victim to phishing attacks.
Patient data that may have been exposed included names, treatment information, diagnosis information, prescription or medication information, health insurance information, Medicare/Medicaid identification numbers, Social Security numbers and financial account information.
Ozarks Orthopaedics said there is no evidence that patient data has been misused. The organization has taken steps to increase the security of its email system and reduce the chances of a similar incident from happening again.
More articles on cybersecurity:
State-by-state breakdown of ransomware attacks on healthcare providers
5 recent data breaches caused by human error
Indiana hospital alerts 2,600 patients of human error data breach