In October, Health Quest ended its investigation of a phishing incident. The health system found that a number of employees had fallen victim to a phishing attack, resulting in staff being tricked into disclosing their credentials to an unauthorized third party.
Patient data that may have been exposed included names, dates of birth, Social Security numbers, Medicare claim numbers, driver’s license numbers, provider names, dates of treatment, treatment and diagnosis information, health insurance plan member and group numbers, health insurance claims information, financial account information with security codes, and payment care information.
Health Quest has secured the email accounts that were compromised. The health system recommends patients review any statements they receive from their providers and health insurers.
Health Quest is a part of Nuvance Health, a seven-hospital system in Hudson Valley, N.Y., and western Connecticut.
More articles on cybersecurity:
Health systems should update computer systems in wake of Iran tensions, H-ISAC says
3 cybersecurity predictions for 2020
Former NYC hospital employee pleads guilty to hacking coworkers’ emails
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
