Nashville, TN (WorkersCompensation.com) – With cybercrimes and data hacks having the 3rd highest growth rate with an estimated cost of $6 trillion in the coming year, it appears the cybercriminals are not slowing down. Apparently this past October was a busy month for hackers as there were at least three different phishing attemptsreported for that month
Last month, Tennessee Orthopedic Alliance (TOA) announced that TOA employee’s emails had been subjected to unauthorized access between August 16 and October 14, 2019. TOA was alerted to unusual email activity on October 18th at which time they initiated an investigation. On January 3rd, the investigation revealed that the breach had occurred within 2 employee email accounts and that other systems had not been impacted. It was estimated that 81,146 patient records were impacted.
Similarly, MHMR of Tarrant County in Fort Worth, Texas was impacted by a phishing attack around the same period. According to the release, authorities discovered on December 3rd 2019 that unauthorized access to a small number of employee emails had also occurred between October 14th and October 16th of last year. Although the release states that they don’t believe personal information such as dates of birth and social security numbers have been misused, the release did not say whether or not other systems were impacted. It is estimated that only 6,524 patients were involved in the breach.
According to a report from the Hartford Courant, a phishing incident that occurred at the end of October resulted in unauthorized access of around 1,100 patients when an Access Health CT employee’s email account was hacked. The hack was tracked down by IT staff when they discovered a large volume of spam coming from the employee’s email address. Forensic investigators were not able to determine who was behind the attack, but did manage to track down the event to an IP address well known for phishing attempts. Access Health CT has implemented new security protocols and added additional training for staff in response to the event.
According to the U.S. Department of Health and Human Services, there have been 57 incidents of electronic hacking incidents or unauthorized accesses reported since the first of the year. The number of patient records impacted total 1,143,777. New York had the highest number of incidents reported at 12 hacking attempts, followed by Texas with 6 incidents reported.