Data breach triggered by phishing emails

Laura Pedulli | | Health Exec | Cybersecurity

About 12,000 patients potentially had their personal health information breached due to a phishing scam.

In January, Catholic Health Initiatives (CHI) care systems, based in Tacoma, Wash., learned that phishing emails were sent to a small group of employees from CHI-owned health systems. These employees responded to the emails believing they were legitimate requests from parent company CHI. “When we learned of this, we immediately secured the affected email accounts and began an investigation, including hiring an outside expert forensics firm,” according to CHI.

A subsequent investigation confirmed that a number of employee email accounts had been compromised. The hackers posed as CHI employees to obtain email logins to employee accounts. Forensics research determined that the hackers could have viewed patient demographic information, clinical information, and in a small number of instances Social Security numbers, the health system said.

Laura Pedulli

Related Content

FBI seeking extradition of Israeli prisoner accused of $500M in ransomware attacks
Data breach at chain of clinics impacts 450K patients
Nebraska becomes first state to sue Change Healthcare over data breach
Christmas ransomware exposed over 300K patient records to dark web
Cryo-frozen tissue manufacturer suffers cyberattack
First surgical device of its kind granted key FDA exemption

Around the web

Radiology Business
The biggest challenges facing radiology business managers in 2025

RBMA President Peter Moffatt discusses some of the biggest obstacles facing the specialty in the new year. 

Radiology Business
Policies and regulations shaping radiology in 2025

Mark Isenberg, executive vice president of Zotec Partners, discusses key developments that will reshape the specialty this year. 

Cardiovascular Business
FDA says years-long tirzepatide shortage is resolved, will give limited leeway to compounders

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.