home.aspx
 
. https://www.itgovernanceusa.com/blog/unitypoint-health-email-accounts-compromised-in-phishing-attack/
blog article
UNITYPOINT HEALTH EMAIL ACCOUNTS COMPROMISED IN PHISHING ATTACK
UnityPoint Health has revealed that several employee email accounts were subject to a phishing attack . Upon discovery of the incident on February 15, UnityPoint changed the passwords of the affected accounts and enrolled forensic specialists to investigate. Affected information included patient names, dates of birth, medical information including treatments and diagnoses, insurance information, and, in some cases, financial information and Social Security numbers. The compromised data could have been accessed as far back as November 1, 2017. The number of patients affected by the incident has not been publicly disclosed, nor has the incident been listed on the U.S Department of Health and Human Services Office for Civil Rights. Affected individuals are being informed by letter and, although there is no evidence of information misuse, are being advised to take precautionary measures to protect their medical information. UnityPoint has apologized for the incident, and is reviewing its security practices to prevent similar incidents in the future. The most important line of defense against a phishing attack is the email recipient. If your staff can identify and correctly respond to a malicious email, the danger can be mitigated. READ MORE