Back to Blog

Employees At InterMed P.A. Fall For Phishing Scam

About a month ago, two of the biggest healthcare providers in the state of Maine announced breaches in a phishing scam. Altogether, over 50,000 patients were impacted by the breach.InterMed P.A., which is located in Southern Maine, said attackers managed to gain access to email accounts of an employee. The company said the accounts were hacked in early September. Altogether, around 30,000 patients' data were compromised. The info included in the breach involved health insurance info, dates of birth and clinical information.The company did say that a limited number of Social Security Numbers were exposed. Other than that, they didn't give a specific number.The other company that was breached is Sweetser, which is a mental health services provider. The company sent letters to their clients and former clients that informed them that some of their data was exposed. In total, they sent out 22,000 letters.In the case with the Sweetser breach, info that has been compromised includes telephone numbers, the names of patients, dates of birth and social security numbers. Other info may have included driver license numbers, health insurance info and information on payments. Information about the medical conditions of some patients may have been affected too.It appears that Sweetser, like InterMed, also had employees that fell for a phishing scam. However, what actually lead to the hacking is not really known. This is typically the case with many hacking incidents.Sweetser mentioned in the letters that the hacking incident occurred in June. They discovered the hack in the same month. The company also suggested that whatever access the hacker/hackers had have been put to an end.This latest incident shows just how serious hacks within healthcare can be. In fact, data breaches can cost organizations on average of $6.4 million and that is per breach. The top challenges for healthcare firms continue to be phishing attacks and email breaches.If you're looking into cybersecurity awareness training for your employees, contact us today.Source:

Share on social media: 

More from the Blog

What is Social Engineering? Tactics, Techniques, and Prevention

Social engineering is a technique used by malicious hackers to obtain information, data, or access from the victim. Social engineering is also referred to as "human hacking". The hacker will often use a variety of techniques to get the victim to provide them with this information, such as authority level, fear, greed, or friendship.

Read Story

13 Important Security Awareness Training Topics for 2021

This blog post will examine some of the most common security awareness training topics, including phishing scams, social engineering, ransomware, and more. Educating your employees on these cyber security awareness topics will help your company stay secure, reduce human error, avoid data breaches, and become an overall security aware workforce.

Read Story

Never miss a post.

Enter your email below to be added to our blog newsletter and stay informed, educated, and entertained!
We will never share your email address with third parties.