Wise Health System Suffers Phishing Attack Compromising Nearly 36,000 Patients' Information

• Although the intent of the phishing campaign is to divert payroll direct deposits, the compromised email accounts that stored patient information might have been accessed.
• The compromised employee email accounts included patients’ medical record number, diagnosis and treatment information, and insurance information.

Wise Health System is notifying almost 35,899 patients that it suffered a phishing attack compromising employees’ email account, which might have exposed patients’ medical information.

What happened?

The healthcare provider noted that they experienced a phishing campaign on March 14, 2019, and some of their employees fell victim to the phishing attack by providing their usernames and passwords. Using the credentials obtained from employees, the attackers gained access to the Employee Kiosk in order to divert payroll direct deposits.

Although the intent of the phishing campaign is to divert payroll direct deposits, the compromised email accounts that stored patient information might have been accessed.

What information was involved?

The compromised employee email accounts included patients’ medical record number, diagnosis and treatment information, and insurance information.

“Again, we believe the purpose of this campaign was to divert payroll direct deposits rather than to obtain patient information. However, we felt it would be prudent to make you aware of this incident. Wise Health System has not received any reports of patient identity theft since the date of the phishing incident,” Wise Health System said in a security notice, Databreaches.net reported.

What was the response?

• Upon learning the incident, the healthcare system reported the incident to law enforcement authorities.
• The healthcare organization hired forensic experts to investigate the incident.
• It has taken the necessary steps to review and update its security policies in place, in order to avoid such incidents from happening in the future.
• Further, it is providing 12 months of free identity theft monitoring services and a $1,000,000 insurance reimbursement policy for all potentially impacted patients.