Email System at Navicent Health targeted in Cyber Attack

2019, Breaches, March

Who: Navicent Health

When: 15 Mar 2019

# of records involved: 270,000

What happened: Navicent Health was the victim of a cyber attack that targeted its email system last July.
How did it happen: Navicent Health was the victim of a cyber attack, in which an unauthorized third party illegally accessed employee and hosted email accounts.

Outcome: Upon learning of the attack, Navicent Health commenced a prompt, extensive, and thorough investigation and worked closely with four industry-leading, external data privacy, ​and cybersecurity firms. After a broad forensic investigation, Navicent Health discovered that the impacted email accounts that were accessed contained personal information for certain individuals. At this point, Navicent Health is not aware of any fraud or identity theft to any individual as a result of this incident and does not know if any personal information was ever viewed or acquired by the unauthorized party. It is also important to note that the incident impacted employee email accounts only, and had no impact on Navicent Health’s computer networks or electronic medical record systems.