Phishing attack on AU Health exposes information of 417K people

The personal health information of 417,000 people may have been exposed following a phishing attack that targeted Augusta University (AU) Health in Augusta, Georgia.

The university was the target of two seperate cybersecurity attacks. Investigators are determining the scope of the second attack, which occurred in July, after an initial attack in Sept. 2017. Combined, both attacks could have potentially exposed sensitive information of about 417,000 people.

According to a statement, the university was targeted by a series of phishing emails that solicited usernames and passwords. After discovering the attack, the university disabled impacted email accounts, required passwords changes for the compromised accounts and heightened its security for any additional attacks

Information that may have been in compromised during the attacks included patient names, addresses, dates of birth, medical record numbers, medical information, treatment information, surgical information, diagnoses, lab results, medications, dates of services and/or insurance information.

“When our IT security team became aware of the September attack, they acted immediately—disabling the impacted email accounts, requiring password changes and monitoring our systems for additional suspicious activity. Shortly thereafter we engaged external cybersecurity experts to determine the extent of the attack,” Brooks Keel, PhD, Augusta University president and CEO of AU Health, said in a statement.  

“While the investigation verified that personal information was contained in compromised email accounts, no misuse of information has been reported at this time.”

""

Danielle covers Clinical Innovation & Technology as a senior news writer for TriMed Media. Previously, she worked as a news reporter in northeast Missouri and earned a journalism degree from the University of Illinois at Urbana-Champaign. She's also a huge fan of the Chicago Cubs, Bears and Bulls. 

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.