Texas health system PHI compromised following phishing attack

Edinburg-based South Texas Health System is notifying patients that some of their protected health information may have been compromised when an unauthorized party accessed a business associate's email account using a phishing tactic.

On Jan. 18, the associate noticed suspicious activity in one of their employee's email accounts. 

The business associate learned that the email account had been targeted by a phishing attack and was able to be accessed by an unauthorized user through a web browser.

The emails potentially affected contained patient information from the health system, such as names, patient account and/or medical record numbers, admission and/or discharge dates, status of diagnosis or discharge, and associated billing amounts.

Financial information such as Social Security numbers were not in the emails, according to the health system. 

South Texas Health System said it does not believe protected health information within the emails were misused, however, it sent out notification letters to all affected on May 17. 

The health system did not mention how many patients were affected by the breach.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars