Nashville-based Aspire Health is abandoning its search for a hacker that stole 124 emails in a phishing scam in September after an internal investigation determined the emails were intercepted before the hacker opened them, according to the Tennessean.
A company executive was tricked by a phishing email in September into giving up his or her email account credentials to a hacker. That hacker then forwarded 124 company emails to an external account. Some of the compromised emails contained protected health information.
The outpatient palliative care company said the illicit email originated from a website with an Eastern European IP address that lists Google as the registrar. Aspire sought voluntary help from Google to identify the hacker, but Google refused and told Aspire it would need a subpoena, which Aspire filed for Sept. 25.
After Aspire's own investigation found that the stolen emails were never opened, the company said it is ending its legal effort to identify the hacker. Aspire dismissed its court motion to subpoena Google in late November, according to the Tennessean.