Iowa hospital alerts 7,500 patients of data breach

Albia, Iowa-based Monroe County Hospital & Clinics began notifying around 7,500 patients Feb. 17 that their information may have been exposed in a phishing attack, according to the Des Moines Register.

In December 2019, Monroe County Hospitals & Clinics discovered that several employees had fallen victim to a phishing scheme. Upon investigation, the hospital determined that an unauthorized third party was able to access the email accounts between Oct. 28, 2019, and Jan. 20, 2020.

Patient data that may have been exposed included names, addresses, dates of birth, dates of services, medical record numbers, insurance statuses or payer types, diagnosis codes, reasons for visits and other clinical information. A limited number of Social Security numbers may have also been affected.

Immediately after discovering the phishing attack, Monroe County Hospitals & Clinics had employees reset their email passwords. Additionally, employees have undergone training regarding email cyberattacks.

More articles on cybersecurity:
Texas provider alerts 6,500 patients of phishing attack
Connecticut payer alerts 1,100 members of phishing attack
10 tips for hospitals to mitigate ransomware attacks

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.