Michigan hospital email phishing attack exposes 26,861 patients' info: 4 notes

Marshall, Mich.-based Oaklawn Hospital recently notified patients of an employee email phishing attack that exposed their personal and protected health information.

Four notes:

1. In a Sept. 24 notice published on its website, Oaklawn Hospital said it discovered on July 28 that one or more employee email accounts were accessed by an unauthorized user between April 14-15.

2. Patient information exposed as a result of the incident included names, dates of birth, medical and health insurance numbers, and, in some cases, Social Security numbers, financial account information and driver's license numbers.

3. Oaklawn Hospital reported the breach Sept. 25 to HHS as affecting 26,861 individuals.

4. As a result of the breach, Oaklawn has added additional measures to improve its privacy safeguards, including providing additional training to employees and improving its multifactor authentication software.

More articles on cybersecurity:
Georgia hospital employee framed in HIPAA violation scheme
'We are making steady progress': UHS confident IT network will be restored 'soon' following cyberattack
Anthem settles 2015 cyberattack for $39.5M: 6 details  

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Content

Featured Webinars

Featured Whitepapers