Michigan’s largest healthcare provider has warned around 6,000 patients that their data may have been exposed following a cyber-attack.
In April, the organization started notifying 112,211 individuals that some of their personal health information (PHI) had been exposed. The warning came after a data breach that occurred in late 2019 resulted in some email accounts’ being compromised.
Beaumont responded by improving its multi-factor authentication software, conducting risk analysis, and providing additional employee training on spotting malicious email.
On June 5, Beaumont Health finished investigating a second data breach in which email accounts were accessed by unauthorized individuals between January 3, 2020, and January 29, 2020.
Emails within the compromised accounts contained PHI that included names, dates of birth, diagnoses, diagnosis codes, procedure and treatment information, type of treatment provided, prescription information, patient account numbers, and medical record numbers.
The healthcare provider stated that while the email accounts had been compromised, no evidence had been discovered to suggest that any emails or attachments associated with the accounts had been viewed or copied.
To date, no reports have been received by Beaumont that indicate any of the exposed patient data has been misused.
Beaumont privacy officer Kelly Partin told the Detroit Free Press that a small number of employees had fallen victim to a phishing scam with the result that six email accounts were compromised.
The incident was detected through routine monitoring carried out in January 2020. Beaumont subsequently launched an investigation that concluded on June 5 that one or more of the accessed email accounts contained patient PHI.
“However, out of an abundance of caution, we are issuing notices to anyone whose information may have been contained in the accessed accounts,” said a Beaumont spokesperson.
The individuals impacted by the incident represent just 0.3% of Beaumont’s 2.3 million patients. Notifications were issued on July 25, and impacted patients were warned to monitor their bank accounts and insurance statements for fraudulent transactions.
Beaumont said that immediately after the latest breach was detected, steps were taken to disable the email accounts involved and perform password resets.