Phishing Attack on Saint Alphonsus Health System, Saint Agnes Medical Center and Southeastern Minnesota Center for Independent Living

A phishing attack on Saint Alphonsus Health System, based in Boise, ID, potentially compromised the information of its patients, including the data of patients of Saint Agnes Medical Center in Fresno, CA.

Saint Alphonsus detected strange activity in the email account of an employee on January 6, 2021. The provider immediately secured the email account and investigated the incident to determine the source and nature of the activity. Saint Alphonsus established that an unauthorized individual accessed the account on January 4, 2021, giving the person access to the account and the information stored therein for 2 days. The attacker used the account to send phishing emails to other people in an effort to get usernames and passwords.

The employee whose credentials were stolen supported some business functions that require access to protected health information (PHI), such as billing tasks for the West Region of Trinity Health, including Fresno.

A review of all email messages and file attachments revealed that the account held the PHI of a number of patients. The PHI in the account varied from one patient to another. The data included full names along with at least one of the following data elements: date of birth, address, telephone number, email, medical record number, treatment details, and/or billing data. The account also held a number of Social Security numbers and credit card numbers.

Although the investigators confirmed the unauthorized account access, it was not possible to determine which emails, if any, were viewed. At the time notifications were issued, no evidence had been found of misuse of any patient data. The provider offered credit monitoring services to the affected persons. Employees received supplemental training on email and cybersecurity to help prevent similar breaches.

The number of patients impacted by the breach is not yet known. Updates will be given when additional information becomes available.

4,122 People Affected by Phishing Attack on Southeastern Minnesota Center for Independent Living

Disability and support services provider Southeastern Minnesota Center for Independent Living (SEMCIL), located in Rochester and Winona, has discovered that an unauthorized individual gained access to an employee's email account that contained the PHI of 4,122 people.

An investigation into the phishing attack showed the account was compromised on August 6, 2020, and the hacker had potential access to the account until September 1, 2020. The investigation confirmed on December 22, 2020 that PHI was exposed, including names, addresses, dates of birth, driver’s license numbers, Social Security numbers, and some medical treatment data. The provider started sending notification letters to affected persons on February 19, 2021.

The investigation found no evidence that any PHI was viewed or obtained, and no reports have been received of improper use of any PHI. As a precaution against identity theft and fraud, people whose Social Security number or driver’s license number was exposed were offered identity theft protection services for free.


Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.