Atrium Health Wake Forest Baptist Hit by Cyberattack

The attack was conducted through a phishing email.

By HFT Staff


On April 20, 2023, Atrium Health Wake Forest Baptist learned that an unauthorized third party gained access to an employee’s email account on that same day through phishing. “Phishing” occurs when an email is sent that looks like it is from a trustworthy source, but it is not. The malicious email misleads the recipient to share or provide access to their account login information. 

They immediately began an investigation, took the necessary steps to secure the affected account and confirmed the unauthorized third party had no further access. Wake Forest Baptist also engaged a computer forensic firm to assist them with their investigation and notified law enforcement. Based on their findings, it appears the unauthorized third party had access to the affected account for a short time between April 18, 2023 – April 20, 2023. The forensic examination indicated the activity of the unauthorized third party was not focused on email content pertaining to medical or health information.  

Unfortunately, it was not possible to conclusively determine whether the unauthorized third party actually viewed any emails or attachments in the account. As a result, they conducted a review of the account to determine what information may have been accessible to the unauthorized third party. The information involved varied by individual, but generally included names, dates of birth, hospital account record numbers, health insurance information, treatment cost information, and/or clinical information, such as dates of service, provider names or locations of service. In some instances, patients' Social Security numbers were also identified in the account.  

Not all of Wake Forest Baptist’s patients were impacted, only those whose information happened to be in the files used by the employee’s account. Additionally, their electronic medical record systems are separate from their email accounts and were not affected by this incident.  

They have no indication that anyone’s information was actually viewed by the unauthorized third party or that it has been misused. However, as a precaution, they are mailing notification letters to individuals whose information was identified through their review and for whom they have sufficient contact information. The notification letters include a Reference Guide that provides additional information on general steps individuals can take to monitor and protect their personal information. Although Wake Forest Baptist are unaware of any actual or attempted misuse of patient information as a result of this incident, they encourage affected patients to carefully review their credit reports and similar types of documents that might indicate questionable activity. For those whose Social Security numbers were identified in the account, they are offering complimentary credit monitoring and identity protection services. 



July 17, 2023


Topic Area: Information Technology , Safety , Security


Recent Posts

Waco Family Medicine Achieves Savings and Bold Design with Wood Selections

Case study: The healthcare facility incorporated over 25,000 square feet of wood and saved over $400,000.


Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.


Design Plans Unveiled for New Intermountain St. Vincent Regional Hospital

The new hospital will be a 14-floor, 737,000 square-foot facility in Billings, Montana.


Ground Broken on New Pediatric Health Campus in Dallas

The new campus will replace the existing Children’s Medical Center Dallas.


Pre-Construction Strategies for Successful Facilities Projects

Savvy decisions can help facilities meet long-term goals by creating consistency and eliminating waste.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.