Atrium Health Falls Victim to Phishing Incident

The incident was detected in late April.

By HFT Staff


Atrium Health recently identified a security incident that may have involved some patient information.  

On or about April 29, 2024, Atrium learned that an unauthorized third party gained access to some employee email accounts on that same day through “phishing.” Phishing occurs when an email looks like it is from a trustworthy source but is not. The malicious email misleads the recipient into sharing or providing access to their account login information. 

Atrium immediately began an investigation, took the necessary steps to secure the affected accounts and confirmed the unauthorized third party had no further access. They also engaged a forensic consultant to assist with the investigation and notified law enforcement. Based on their findings, it appears the unauthorized third party may have had access to the affected accounts for a short time from April 29 to 30. They confirmed the unauthorized third party did not access Atrium Health’s electronic health record systems. The forensic consultant’s analysis of the affected accounts, completed on July 17, 2024, indicates that the unauthorized party was not focused on email content pertaining to medical or health information.  

However, it was not possible to conclusively determine whether the third party actually viewed any emails or attachments contained in the affected accounts. As a result, with the assistance of the forensic consultant, Atrium conducted a review of the accounts to determine what information may have been accessible to the party. This information may have included one or more of the following: an individual’s first and/or last name; middle initial; street address, email address and/or phone number(s); Social Security number; date of birth; medical record number; certain government or employer identifiers; driver’s license or state-issued identification number; bank or financial account numbers or information, including routing numbers, financial institution name, or expiration date; treatment/diagnosis, provider name, prescription, health insurance or treatment cost information; patient identification number; health insurance account or policy number(s); incidental health references; billing identification numbers; access credentials; and/or digital signatures.  

Not all of Atrium Health’s patients were impacted, only those whose information happened to be in the files used by the affected employees’ accounts. Additionally, their electronic medical record systems are separate from their email accounts and were not affected by this incident.  

Atrium has no indication that anyone’s information was actually viewed by the unauthorized third party or that it has been misused. However, as a precaution, they are mailing notification letters to people whose information was identified through their review and for whom they have sufficient contact information.  



September 19, 2024


Topic Area: Information Technology , Security


Recent Posts

17 Million Patient Records Stolen in PIH Health Ransomware Attack

A ransomware attack halted operations across three of PIH’s hospitals.


Holidays are Prime Times for Healthcare Cyberattacks

A study found that 86 percent of organizations that experienced ransomware attacks were targeted on a holiday or weekend.


Hartford Healthcare Forms Partnership to Open Health Equity Clinic

The new clinic will open in January 2025.


UCHealth Reveals Plans for Memorial Hospital North Expansion

Construction on the patient tower is slated for 2026 with a projected opening to patients in 2029.


What Are 'Hospi-tels'?

Hospitals and hotels are partnering to better cater to patients and families.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.