Cancer Treatment Centers of America alerts 3,900 patients of data breach

Mackenzie Garrity - Print  | 

Cancer Treatment Centers of America discovered on June 6 that an employee's email account at its Philadelphia-based Eastern Regional Medical Center was compromised in a phishing attack, according to the HIPAA Journal.

An investigation determined that an unauthorized third party had gained access to the employee's email account between May 4-15. The password for the account has since been changed.

It's unclear if the unauthorized third party viewed the emails or took patient information. However, Cancer Treatment Centers of America said the email held the protected health information of 3,904 patients.

Patient information that was potentially affected included addresses, phone numbers, dates of birth, medical record numbers, other patient identifiers, medical information and health insurance information.

Eastern Regional Medical Center is providing further training to employees to increase awareness on cybersecurity threats. The medical center is also conducting a review of its email security to ensure an incident like this doesn't happen again.

More articles on cybersecurity:
Viewpoint: How Amazon Alexa is changing privacy in healthcare
Malware attack disrupts operations at Indiana medical center
Hackers gain access to Vermont ACO email account, possibly exposing data of 25,000 patients

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.