Henry Ford Health is notifying some of their patients that an unauthorized individual conducted an email phishing scheme to gain access to business email accounts. The improper access was quickly discovered, and the email accounts were secured.
Here are important facts to know:
- Some of the patient information was contained in the affected email boxes, but they do not know whether such information was actually accessed or not.
- Phishing email schemes are used to fraudulently obtain victims’ credentials or personal information by sending them fake email messages.
The incident occurred on March 30, 2023, and Henry Ford Health immediately began an extensive investigation to determine what happened.
Through their forensics investigation, they determined on May 16, 2023, that protected health information was contained in the email boxes and could have been accessed by the bad actor.
The information stored on the affected email accounts may have included the following: name, gender, date of birth, age, lab results, procedure type, diagnosis, date of service, telephone number, medical record number and/or internal tracking number.
As a result of this incident, Henry Ford Health is implementing additional security measures and providing additional training to employees about recognizing the signs of suspicious email and what to do if they receive one.
States Move Forward to Better Protect Senior Citizens
Archer and REDA to Transform Newport Beach Building into Outpatient Center
Sunflower Medical Group Facing Lawsuit Following January Data Breach
Nemours Children's Health Opens New Location in Lake Nona
Enhancing Safety at Hennepin Healthcare with a Screening System