Email Account Breaches at South Country Health Alliance Breach, Precision Spine Care, and Jefferson Healthcare

Minnesota South Country Health Alliance based in Owatonna, MN has uncovered that an unauthorized person gained access to an employee’s email account that held the protected health information (PHI) of 66,874 of its members.

The email account breach was noticed on September 14, 2020, with the succeeding investigation showing the unauthorized individual first accessed the account on June 25, 2020. The evaluation of the email account was concluded on November 5, 2020 and unveiled it included personal data and PHI like names, Social Security numbers, addresses, health insurance details, Medicare and Medicaid numbers, diagnostic or treatment data, date of death, name of the provider, and treatment cost details.

Minnesota South Country Health Alliance mailed notifications to all members affected by the incident on December 30, 2020. The late issuance of notifications was caused by the time it took to determine the present mailing addresses for impacted persons.

The breach investigation didn’t show any proof to indicate the viewing, theft or misuse of any protected health information in the account. South Country Health Alliance is giving free credit monitoring and identity protection services to individuals possibly affected by the breach.

20,787 Patients Impacted by Precision Spine Care Email Breach

Precision Spine Care in Tyler, TX announced that an email account breach led to the compromise of the protected health information (PHI) of 20,787 patients.

An unauthorized person obtained access to the email account of an employee and tried to redirect funds to another bank account. The motive of the attackers seems to be to do a payment scam only, although it did not succeed. The investigation into the breach included an analysis of the affected email account, which held names, addresses, birth dates, and some medical data.

There was no information uncovered that shows the attacker had access to any PHI in the email account. Precision Spine Care sent notifications to all impacted people in January 2021.

2,550 Persons Impacted by Jefferson Healthcare Phishing Attack

Jefferson Healthcare in Washington found out that an unauthorized person accessed the email account of an employee who responded to a phishing email. In the email account, there was a DocuSign document that needed login credentials to be able to access the file.

Only one email account was impacted by the breach. No other systems were impacted. The breach investigation revealed that the email account accessed by an unauthorized person on November 12, 2020.

After an analysis of the compromised account, Jefferson Healthcare confirmed that it contained the PHI of about 2,550 patients. The investigators had to check over 30,000 file attachments manually to ascertain if they included patient data.

Although the emails and attachments contained some personal data and PHI, for most affected patients, the data was not particularly sensitive. The account contained Social Security and/or financial data of 84 patients. Those people were given free credit monitoring services.

The attacker used the breached email account to send other malicious emails to persons listed as contacts in the account. A total of 658 emails were dispatched from the account. Jefferson Healthcare notified those persons and told them not to open the file attachment.