On July 3, North Mississippi Health Services became aware that a hacker had gained entry to its network after an employee opened a phishing email, according to a Sept. 1 notice from the seven-hospital system. Its security operations committee quickly shut down the system, ending the unauthorized access.
In those intervening minutes, however, the hacker had access to the employee’s emails, which included patient names, dates of birth, primary care physicians’ names, and diagnoses or conditions upon recent discharges from North Mississippi Medical Center-Tupelo, the health system’s flagship hospital.
The organization noted that no financial information, Social Security numbers or EHRs were accessed, and it has no indication that any of the potentially breached data has been misused.