Boys Town National Research Hospital and NorthStar Anesthesia Found PHI Undermined in Phishing Attacks

July 26, 2018

The phishing attacks on healthcare companies carry on… The previous few days have seen two more healthcare companies declare that electronic mail accounts were breached when workers replied to phishing electronic mails.
Electronic mail Account Undermined at Boys Town National Research Hospital
Boys Town National Research Hospital (Boys Town), an Omaha, NE hospital focusing in pediatric deafness, visual and communication complaints, has declared that a fresh phishing campaign has led to the electronic mail account of a worker being retrieved by an illegal person. The electronic mail account had the PHI of 105,309 patients.
Boys Town first became conscious of a safety breach on May 23, 2018 when uncommon electronic mail account activity was noticed. Computer forensics specialists were called in to probe and a breach was established to have happened on May 23.
Boys Town thoroughly scrutinized the account electronic mail-by-electronic mail to conclude which patients possibly had their PHI disclosed and the amount of PHI that was possibly undermined.
The breach was verified as being restricted to a single electronic mail account, which had confidential information of present and past patients and workers.
No proof of data exfiltration was found, even though it is possible that PHI was retrieved and possibly obtained. People impacted by the occurrence have been offered free identity theft protection facilities for 12 months. An evaluation of policies and procedures is being carried out and more safeguards will be applied to help avoid more phishing attacks.
NorthStar Anesthesia Notices Many Electronic mail Accounts Retrieved by Illegal Persons
An electronic mail phishing campaign aiming Irving, TX-based NorthStar Anesthesia, a supplier of subcontracted anesthesia facilities, was carried out between April 3 and May 24, 2018. The phishing campaign was recognized on May 23, 2018 with access to all undermined accounts obstructed on May 24, 2018.
Third-party forensic detectives were called in to help with the inquiry and decide the range of the attack and whether electronic mails having patients’ PHI were retrieved. The detectives decided that the undermined electronic mail accounts had a variety of PHI which included names, medical record numbers, diagnosis and treatment information, medical histories, IRS identity protection numbers, taxpayer ID numbers, health insurance application or claims information, birth dates, health insurance policy/subscriber numbers, and for a limited number of people, Social Security numbers.
NorthStar Anesthesia is applying additional safeguards to avoid more phishing attacks and affected people have been offered free credit checking and identity restoration facilities for two years.