Tupelo-based North Mississippi Health Services shut down a data breach within 17 minutes of its IT system being accessed, the health system said.
On July 3, North Mississippi Health Services became aware that a hacker had gained entry to its network after an employee opened a phishing email, according to a Sept. 1 notice from the seven-hospital system. Its security operations committee quickly shut down the system, ending the unauthorized access.
In those intervening minutes, however, the hacker had access to the employee's emails, which included patient names, dates of birth, primary care physicians' names, and diagnoses or conditions upon recent discharges from North Mississippi Medical Center-Tupelo, the health system's flagship hospital.
The organization noted that no financial information, Social Security numbers or EHRs were accessed, and it has no indication that any of the potentially breached data has been misused.