Indiana hospital alerts 1,300 patients of phishing attack

Lafayette (Ind.) Regional Rehabilitation Hospital began notifying 1,360 patients that their information may have been exposed in a phishing attack.

In November, Lafayette Regional Rehabilitation Hospital discovered that an employee's email account had been accessed by an unauthorized third party. Upon investigation, the hospital determined that the unauthorized user had access to the email account in July.

Patient data that may have been exposed included names, dates of birth, clinical information and treatment information. A limited number of Social Security numbers may have also been affected.

Lafayette Regional Rehabilitation Hospital said there is no evidence that patient information has been misused. The hospital is recommending patients review any statements they receive from healthcare providers.

"We deeply regret any concern or inconvenience this incident may cause our patients. To help prevent something like this from happening again, we are reinforcing education with our staff on email security and are working to enhance our email security tools," Lafayette Regional Rehabilitation Hospital said in a news release.

More articles on cybersecurity:
Texas provider alerts 6,500 patients of phishing attack
Connecticut payer alerts 1,100 members of phishing attack
10 tips for hospitals to mitigate ransomware attacks

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars