Henry Ford Health is notifying some of their patients that an unauthorized individual conducted an email phishing scheme to gain access to business email accounts. The improper access was quickly discovered, and the email accounts were secured.
Here are important facts to know:
- Some of the patient information was contained in the affected email boxes, but they do not know whether such information was actually accessed or not.
- Phishing email schemes are used to fraudulently obtain victims’ credentials or personal information by sending them fake email messages.
The incident occurred on March 30, 2023, and Henry Ford Health immediately began an extensive investigation to determine what happened.
Through their forensics investigation, they determined on May 16, 2023, that protected health information was contained in the email boxes and could have been accessed by the bad actor.
The information stored on the affected email accounts may have included the following: name, gender, date of birth, age, lab results, procedure type, diagnosis, date of service, telephone number, medical record number and/or internal tracking number.
As a result of this incident, Henry Ford Health is implementing additional security measures and providing additional training to employees about recognizing the signs of suspicious email and what to do if they receive one.
Cleanliness in Hospitals: Clinical Priority and Community Perception
Dana-Farber Receives $50M Gift for Planned Cancer Hospital
Clarinda Regional Health Center Reports Data Security Incident
Gaps in Nurses' Environmental Cleaning Knowledge Grow Amid Rising EVS Pressures
Ground Broken on the Southern Nevada Forensic Facility