PHI Exposed in Four Phishing Attacks

MU Health Care based in Missouri has encountered a phishing attack that resulted in the breach of a number of employee email accounts from May 4 to May 6, 2020. An investigation of the occurrence showed the compromised email accounts comprised patient data such as names, birth dates, account numbers, medical insurance details, driver’s license numbers and Social Security numbers.

MU Health Care has informed all impacted patients and has provided them free credit monitoring services. Thus far, there are no reports obtained that imply the misuse of any patient information.

The exposed email accounts held the protected health information (PHI) of 5,074 individuals.

Data Leaked After the University Hospital SunCrypt Ransomware Attack

University Hospital is a teaching hospital located in Newark, NJ that has suffered a ransomware attack. The attack in September 2020 involves the SunCrypt ransomware. Before deploying the ransomware, the attackers stole about 48,000 records, a few of which were posted on the attacker’s data leak website.

The number of patients affected by the attack is still uncertain at this point. However, the leaked information did consist of some patient records, such as names, Social Security numbers, dates of birth, driver’s license numbers, and some other information.

The attack seems to have began with a phishing email that led to the download of TrickBot Trojan and the. SunCrypt ransomware was downloaded as a secondary payload.

PHI of 4,806 Individuals Possibly Exposed in UCare Minnesota Phishing Attack

The not-for-profit health plan, UCare Minnesota, has encountered a phishing attack impacting the email accounts of a number of employees. A breach investigation was started upon discovery of suspicious network activity last April 2020. On May 4, 2020, UCare Minnesota established that an unauthorized person accessed selected email accounts. The email accounts were quickly secured and had an evaluation to know if the attackers accessed member data.

UCare Minnesota discovered on September 1, 2020 that the information in the email accounts included these personal records and PHI of 4,806 people: names, medical care provider names, diagnosis details, health insurance ID numbers, and dates of birth.

There is no evidence found that identify indicate the exfiltration or misuse of any data by the persons liable for the attack. UCare Minnesota has re-trained the workers regarding phishing attacks and has fortified email security.

Nebraska Medicine Experiences Cyberatack

Nebraska Medicine has reported that it has encountered a cyberattack that stopped accessibility to its computer networks. The cyberattack happened on September 25, 2020 and caused an outage that prompted substantial information technology system failures.

With no access to crucial IT systems, Nebraska Medicine was compelled to delay consultations for patients with elective operations or had other non-emergent medical concerns. Nebraska Medicine released an announcement on September 24 saying normal procedures would continue “in days”. The urgent room had messages and no ER patients were rerouted to elective techniques or had other non-important health concerns facilities.

It is not clear if patient records were viewed or stolen, however Nebraska Medicineconfirmed that no patient records had been deleted or destroyed and that all patient information could be reclaimed from backups.