Washington Health Care Provider Succumbs to Phishing Attack

2019, Breaches, January

Who: Chaplaincy Health Care

# of Accounts Breached: Roughly 1,080 patients.

What was affected: Although it appears the schemers only were looking for more email contacts, the employee’s inbox had some patient information, including names, birth dates, partial Social Security numbers, medical record numbers, and home address, the agency said this week. Complete Social Security numbers, financial records, and credit card information were not accessible

When it happened: November 2018

How it happened: An employee’s email login credentials were compromised through an apparent phishing scheme.

Outcome: Chaplaincy Health Care is offering free identity protection and credit monitoring to more than 1,000 people after a privacy breach. Chaplaincy hired a forensics firm to investigate. The firm concluded that whoever breached the account was looking for more email contacts for phishing, and not for financial or medical information, said Leslie Streeter, director of business development and operations. The breach was limited to a single email account.