Phishing Attack Compromises PHI of 23,000 Patients

June 10, 2019


Columbia, S.C.-based Palmetto Health, now known as Prisma Health, was targeted in a phishing attack that may have compromised the information of 23,000 patients, according to the HIPAA Journal.


Emails were sent to hospital employees containing a malicious link. If employees clicked on the malicious link, they were directed to a website that asked them to enter their email credentials. The hacker then gained access to their email accounts.


An investigation found the hacker's emails were sent in November. A review of the incident was completed Feb. 19, revealing the protected health information of 23,811 patients had been exposed, the HIPAA Journal reports.


Patients' names and treatment or consultation information was affected. A limited number of emails contained health insurance information, social Security numbers and financial information.


Don't let this happen to your practice. Annual employee compliance training can prevent such vulnerabilities. For more information, contact the HIPAA compliance experts at HIPAAcraticRx.


Share on Facebook
Share on Twitter
Please reload

Featured Posts

How to Handle Breach Notifications

February 26, 2020

Please reload

Recent Posts
Please reload

Please reload

Search By Tags
Please reload

Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square

HIPAAcraticRx - The Prescription for HIPAA Compliance


20 Hempstead Turnpike, Farmingdale, New York 11735 . (516) 200-6610 .

  • White LinkedIn Icon
  • White Facebook Icon
  • White Twitter Icon
  • White Google+ Icon

© 2019 HIPAAcratic Rx -