Phishing attack on AU Health exposes information of 417K people

The personal health information of 417,000 people may have been exposed following a phishing attack that targeted Augusta University (AU) Health in Augusta, Georgia.

The university was the target of two seperate cybersecurity attacks. Investigators are determining the scope of the second attack, which occurred in July, after an initial attack in Sept. 2017. Combined, both attacks could have potentially exposed sensitive information of about 417,000 people.

According to a statement, the university was targeted by a series of phishing emails that solicited usernames and passwords. After discovering the attack, the university disabled impacted email accounts, required passwords changes for the compromised accounts and heightened its security for any additional attacks

Information that may have been in compromised during the attacks included patient names, addresses, dates of birth, medical record numbers, medical information, treatment information, surgical information, diagnoses, lab results, medications, dates of services and/or insurance information.

“When our IT security team became aware of the September attack, they acted immediately—disabling the impacted email accounts, requiring password changes and monitoring our systems for additional suspicious activity. Shortly thereafter we engaged external cybersecurity experts to determine the extent of the attack,” Brooks Keel, PhD, Augusta University president and CEO of AU Health, said in a statement.  

“While the investigation verified that personal information was contained in compromised email accounts, no misuse of information has been reported at this time.”

""

Danielle covers Clinical Innovation & Technology as a senior news writer for TriMed Media. Previously, she worked as a news reporter in northeast Missouri and earned a journalism degree from the University of Illinois at Urbana-Champaign. She's also a huge fan of the Chicago Cubs, Bears and Bulls. 

Around the web

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”

FDA Commissioner Robert Califf, MD, said the clinical community needs to combat health misinformation at a grassroots level. He warned that patients are immersed in a "sea of misinformation without a compass."

Trimed Popup
Trimed Popup