Minnesota hospital alerts 2,000 patients of phishing scheme

Mackenzie Garrity - Print  | 

Blue Earth, Minn.-based United Hospital District is notifying 2,143 patients about a June 2018 phishing scheme.

A hospital employee's email account was compromised in a phishing attack June 10-27, 2018. After an investigation, the hospital determined Dec. 12 that the email account had contained patient information, including:

• Names
• Addresses
• Health insurance information
• Internal patient identifiers

The email account also contained a limited number of patients' medical treatment information, medical diagnostic information and Social Security numbers.

While the hospital is unaware of any reported cases of identity fraud or improper use of information as a result of the incident, United Health District is offering free credit monitoring and identity theft services to patients whose Social Security numbers were contained in the affected email account.

Editor's note: Becker's reached out to the hospital for comment. This article will be updated as more information becomes available.

More articles on cybersecurity:
AdventHealth notifies 42,000 patients of data breach
Healthcare ranks 8th out of 18 industries for data security performance, report says
Maryland legislators propose crackdown on ransomware attacks

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.