Phishing attacks continue to hit health care providers and experts say the attacks will become even more frequent in 2019. As previously reported, the largest breach of healthcare information was recently settled by Anthem, which involved almost 80 million individuals’ information, all caused by a phishing email to one individual at Anthem [view related posts here and here].
One employee’s click on one phishing email can compromise large data sets, which emphasizes the need to educate employees and give them tools to recognize phishing emails.
Unfortunately this is what happened to one employee at Southwest Washington Regional Surgery Center in Vancouver, Washington. According to officials there, hackers launched a phishing scheme and one employee at the surgery center clicked on it and the hackers were in the system from May 27-August 13, 2018. While in the system, the hackers had access to some of the surgery center’s patients’ information, including names, addresses, Social Security numbers, drivers’ license numbers, credit card information and medical information.
Following the breach, the surgery center updated passwords and enhanced email access protocols, which companies may wish to consider implementing before an incident.
[View source.]