Phishing Attacks at Star Refining & Express MRI

Express MRI, a medical imaging center based in Peachtree Corners, GA, has begun informing patients regarding the exposure of some of their protected health information (PHI) due to a historic data breach. Express MRI found out on July 10, 2020 that an unauthorized person had acquired access to one email account and utilized it to send unauthorized email messages. The occurrence was explored back then, however, it was confirmed that no patient data was accessed.

On June 10, 2021, another evaluation of the security breach was done, and although no particular evidence was found that suggested unauthorized data access or theft, Express MRI deduced that it wasn’t really feasible to completely rule out data access or exfiltration by unauthorized individuals, for that reason Express MRI issued breach notification letters.

An analysis of the breached account confirmed the potential access or exfiltration of the following data: names, email addresses, addresses, birth dates, patient ages, referring doctor names, part of the body scanned, and if the scan was associated to a workers’ payment claim or investigation of a motor vehicle accident. There is no other patient information present in the breached email accounts.

Express MRI stated it took the essential and prompt steps to deal with the incident, which include putting together a team of very competent experts to strengthen the security of its data systems and carry out more safety measures to avoid other breaches.

Star Refining Phishing Attack Impacts 1,910 People

Adelda Health, Inc. also known as Star Refining, has found out that unauthorized persons obtained access to several employees’ email accounts after responding to phishing emails. The personal data of 1,910 people may have been accessed or exfiltrated.

The dental refining company in West Palm Beach, FL discovered the breach on April 29, 2021. A third-party computer forensics company is helping to make sure the incident was completely remediated and to find out the nature and extent of the breach.

An analysis of the breached email accounts showed they contained sensitive information like first and last names, postal addresses, Social Security numbers, driver’s license numbers, and credit card/financial details; nevertheless, there is no evidence that suggested the emails with that data were seen or obtained during the breach of the accounts. The first account access happened on April 12, 2021.

Notifications began to be delivered to impacted persons on July 22, 2021. Free Identity Works credit monitoring and identity theft protection services via Experian were given to impacted persons.