Phishing Attack at Allegheny Health Network Impacts 8K

August 02, 2022 - Allegheny Health Network (AHN) and its parent company, Highmark Health, announced that a phishing attack had led to potential protected health information (PHI) exposure for approximately 8,000 patients.

An employee was sent a malicious phishing email ink that led to their account being compromised between May 31 and June 1, 2022, the announcement explained. Upon discovery, AHN immediately shut down the compromised account, reset passwords, implemented preventative and monitoring controls, and engaged a third-party vendor to enhance its email security controls.

The threat actor managed to obtain access to some files containing patient names, birth dates, dates of service, conditions, treatment and diagnosis information, addresses, patient phone numbers, driver’s license numbers, medical history, and email addresses. In some instances, financial account information and Social Security numbers were impacted.

AHN and Highmark Health said they had no evidence that any of the information had been used fraudulently.

“At AHN and Highmark Health, safeguarding the privacy and security of patient and member information is our highest priority, and we sincerely regret any concern or inconvenience this breach may cause to those who are impacted by it,” Dan Laurent, AHN’s vice president of corporate communications, explained in the statement.

“As always, we will also use this incident as a learning opportunity to assess our robust cyber security protocols and consider additional measures and resources that will help to further strengthen our data security moving forward.”

NuLife Med Reports Security Incident

New Hampshire-based medical equipment company NuLife Med began notifying 3,805 individuals of a data security incident that impacted current and former patients.

On March 11, NuLife Med discovered suspicious activity on its systems. Further investigation revealed that an unauthorized party potentially viewed or acquired information stored in the systems between March 9 and March 11.

The information involved included names, addresses, health insurance information, medical information, and some Social Security numbers, financial account information, and driver’s license information.

In May, NuLife also notified Contego Solutions, a medical billing service, after determining that some of the information involved belonged to Contego.

“Contego determined that the potentially impacted data belonged to their medical provider clients. Contego identified its medical provider clients whose data was potentially impacted, and the patients affiliated with said medical providers,” the notice stated.

NuLife said it had no evidence of identity theft or fraud relating to the incident.

ATC Healthcare Services Discloses December 2021 Breach

Medical staffing services company ATC Healthcare Services began notifying an undisclosed number of individuals of a “criminal cyberattack” that it discovered on December 22, 2021. ATC said it immediately took steps to secure its systems and investigate the incident.

The investigation could not rule out the possibility that the threat actor accessed or acquired data. ATC said it has been unable to determine all the addresses of the impacted individuals.

The information involved included names, Social Security numbers, birth dates, driver’s licenses, medical information, health insurance information, employer-assigned identification number, usernames and passwords, and government-issued ID numbers.

“The confidentiality, privacy, and security of information within ATC's care are among the Company's highest priorities,” the notice stated.

“Upon learning of the event, ATC immediately took steps to secure the systems and to investigate the full scope of the incident. ATC has taken additional steps to further enhance the security of its systems.”