Spectrum Healthcare notifies 11,300 patients of phishing attack

South Portland, Maine-based Spectrum Healthcare Partners is notifying 11,308 patients of an email incident that may have exposed their protected health information.

In November, Spectrum Healthcare Partners discovered that an unauthorized third party had gained access to an employee's email account. That employee worked at Central Main Orthopaedics, which is part of Spectrum Healthcare Partners.

Patient data that may have been exposed included names, dates of birth, addresses, financial balances, health insurance information and other clinical and treatment information. Only patients who received care at Central Maine Orthopaedics were affected.

Spectrum Healthcare Partners said there is no evidence that patient information has been misused. The health system is recommending patients review any statements they receive from healthcare providers and insurers.

"To help prevent something like this from happening again, we are reviewing and further strengthening our internal IT security policies and procedures, providing more stringent security training for staff, and implementing stronger technical controls," Spectrum Healthcare Partners said in a news release.

More articles on cybersecurity:
Health systems should update computer systems in wake of Iran tensions, H-ISAC says
3 cybersecurity predictions for 2020
Former NYC hospital employee pleads guilty to hacking coworkers' emails

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.