Medical transportation company notifies 1,000 patients of data breach

Reva, a medical transportation service, began alerting 1,000 patients Jan. 22 that their information may have been exposed in a phishing attack.

In September 2019, Reva discovered suspicious activity on an employee's email account. The company determined that an unauthorized third party had access to a limited number of employee email accounts between July 23 and Sept. 13, 2019.

Patient data that may have been exposed included names, clinical information, dates of service, travel insurance information, passport numbers and a limited number of Social Security numbers.

Reva took steps to immediately secure the email accounts that were compromised. The company recommends patients review any statements from healthcare providers and travel insurers.

"We take the privacy and confidentiality of our patients' information very seriously, and deeply regret any inconvenience or concern this incident may cause our patients. To help prevent something like this from happening again, we are enhancing our email security, have enabled multi-factor authentication on all email accounts, and we are reinforcing education with our employees on how to identify and avoid phishing emails," said Reva in a news release.

More articles on cybersecurity:
Texas provider alerts 6,500 patients of phishing attack
Connecticut payer alerts 1,100 members of phishing attack
10 tips for hospitals to mitigate ransomware attacks

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers