Email phishing attack at Advocate Aurora hospital affects 27,137 individuals

Advocate Aurora Health reported an email phishing incident at the Aurora Medical Center-Bay Area in Marinette, Wis., earlier this year.

The health system learned about the incident on Jan. 9 and launched an internal investigation. The investigation found that while intruders did not have access to the hospital's EHR, they did have access to employee emails that may have contained information about patients.

In connection with this incident, the health system reported an unauthorized person accessed the health system's human resources system and notified employees of the breach in February. However, further investigation revealed that the hacker also accessed employee emails, which the health system reported on April 17. There were potentially 27,137 individuals affected.

The health system reset email passwords for all employees at the hospital and has made "other technical system enhancements" such as implementing email filtering software to help employees identify phishing emails better in the future.

Advocate Aurora reported it is not aware of any improper use of patient information.

More articles on cybersecurity: 
5 things to know about COVID-19 cyberattacks targeting healthcare providers
Cybersecurity group ramps up defense of healthcare providers, dismantles nearly 3K threats 
Feds warn of cybercriminals hitting hospitals during pandemic

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers