Email client

Ascension Health Facility hit by Email Phishing Scam

April 25th, 2015

Ascension Health Facility suffered consecutive data breaches due to email phishing scam. It is not confirmed whether two incident were related to each other. Seton Family of Hospitals, a division of Seton Healthcare Family (“Seton”) announced the breach on the website. According to the reports, 39,000 patients’ got affected. Username and passwords was targeted by the scammers.

“St.Vincent Medical Group sincerely apologizes for any inconvenience this unfortunate incident may cause and assures all of its patients that the faith-based organization is taking appropriate measures to avoid an incident of this nature happening in the future,” the facility said in a statement.

The exposed information includes patient demographic information, such as names and dates of birth, medical record numbers, insurance information, limited clinical information, and Social Security numbers in a few cases. Medical records or billing records were not included in the breach.

“Seton launched an investigation into the matter, and the investigation has required electronic and manual review of affected emails to determine the scope of the incident,” Seton said in its statement. “Seton engaged computer forensics experts to assist with the investigation.”

The facility said that patients who had their Social Security numbers potentially exposed will receive free identity monitoring and protection services. Seton said that it is working with its email service provider “to evaluate ways to enhance its already robust security program,” and will provide more employee education on email phishing scams.

“We value the privacy and security of protected information, and we are committed to protecting the confidentiality and privacy of our patients and employees,” Garza said. “It is our priority to support those who have been affected.”

UC Davis Health suffers data breach

October 15th, 2014

UC Davis Health suffered data breach when a provider’s email was compromised by an unknown source. According to the reports, 1,326 patients’ data suffered breach. A member of the UC Davis IT team detected unusual activity in the email account and came to conclusion that the provider’s email was compromised by the unknown source. The source is not confirmed till date.

The event did not involve access to patient EHRs, Social Security numbers or other personal financial information. UC Davis Health System said that it has notified or is in the process of notifying several government agencies regarding the breach.

According to the statement:

UC Davis Health System’s email program is encrypted, and there are measures in place to prevent intrusions like this one including email filtering and cyber surveillance from occurring. Immediate actions to protect patient privacy — including blocking access by the unauthorized user and changing the account credentials – were taken when it was discovered that the email account had been compromised.

Since we are unable to determine the exact nature of the access by this unauthorized third-party, we are sending a letter to all patients who had information about them included in this email account.

UC Davis Health System is improving lives and transforming health care by providing excellent patient care, conducting groundbreaking research, fostering innovative, inter professional education, and creating dynamic, productive partnerships with the community. The academic health system includes one of the country’s best medical schools, a 619-bed acute-care teaching hospital, a 1000-member physician’s practice group and the new Betty Irene Moore School of Nursing. It is home to a National Cancer Institute-designated comprehensive cancer center, an international neuro developmental institute, a stem cell institute and a comprehensive children’s hospital. Other nationally prominent centers focus on advancing telemedicine, improving vascular care, eliminating health disparities and translating research findings into new treatments for patients. Together, they make UC Davis a hub of innovation that is transforming health for all.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.