North Carolina hospital warns patients after phishing attack
The Catawba Valley Medical Center—a North Carolina-based hospital—is issuing notices to patients following a phishing attack that accessed several employee email accounts.
According to the notice, investigators determined the phishing attack happened between July 4 and Aug. 17, 2018. During the attack, hackers were able to gain access to three employee email accounts—possibly exposing some patient information, like names, birth dates, health information, services received at the hospital, health insurance information and some Social Security numbers.
The hospital stated there’s no evidence that any patient information has been misused and encouraged patients to review their information with their health insurer. The hospital is also mailing notices to affected patients and has created a call center to answer any questions about the security incident.
“We deeply regret any inconvenience or concern this incident may cause our patients,” the hospital said in a statement. “To help prevent something like this from happening in the future, we have hired security experts to enhance our employee education; we have implemented tighter e-mail controls; and we continue to upgrade our hardware and software platforms to combat these malicious threats.”