About a month ago, two of the biggest healthcare providers in the state of Maine announced breaches in a phishing scam. Altogether, over 50,000 patients were impacted by the breach.
InterMed P.A., which is located in Southern Maine, said attackers managed to gain access to email accounts of an employee. The company said the accounts were hacked in early September. Altogether, around 30,000 patients’ data were compromised. The info included in the breach involved health insurance info, dates of birth and clinical information.
The company did say that a limited number of Social Security Numbers were exposed. Other than that, they didn’t give a specific number.
The other company that was breached is Sweetser, which is a mental health services provider. The company sent letters to their clients and former clients that informed them that some of their data was exposed. In total, they sent out 22,000 letters.
In the case with the Sweetser breach, info that has been compromised includes telephone numbers, the names of patients, dates of birth and social security numbers. Other info may have included driver license numbers, health insurance info and information on payments. Information about the medical conditions of some patients may have been affected too.
It appears that Sweetser, like InterMed, also had employees that fell for a phishing scam. However, what actually lead to the hacking is not really known. This is typically the case with many hacking incidents.
Sweetser mentioned in the letters that the hacking incident occurred in June. They discovered the hack in the same month. The company also suggested that whatever access the hacker/hackers had have been put to an end.
This latest incident shows just how serious hacks within healthcare can be. In fact, data breaches can cost organizations on average of $6.4 million and that is per breach. The top challenges for healthcare firms continue to be phishing attacks and email breaches.
If you’re looking into cybersecurity awareness training for your employees, contact us today.