An employee of Terros Health in Phoenix fell victim to a phishing scam and mistakenly exposed his login information. The attacker gained access to the employee's email account and likely viewed the protected health information (PHI) it contained. Only one email account was compromised; no other parts of the network were breached.
Terros Health became aware of the phishing incident on April 12, 2018 and announced it to the media on June 8. Breach notices have been mailed to all individuals impacted by the data breach. The team that investigated the attack learned that the phishing attack occurred some time on November 16, 2017, which is when the attacker first accessed the email account.
The compromised email account held the PHI of approximately 1,600 patients. For 1,241 of those patients, only names and dates of birth were exposed. The remaining 359 patients had their names, birth dates, email addresses, addresses, health record numbers, diagnoses and a few other items of PHI compromised. There were also 142 patients whose Social Security numbers were potentially compromised. The majority of the patients affected by the breach received their healthcare services at the Terros Health clinic on 23rd/Dunlap Avenue.
Terros Health provided complimentary credit monitoring and identity theft protection services for 12 months to all patients whose Social Security numbers were compromised. Security controls to restrict unauthorized PHI access were in place before the attack, but they were not adequate to stop the phishing attack. Terros Health recently enhanced its security, guidelines and procedures to avoid breaches like this one. Employees also went through additional security awareness training. Thus far, this is the largest data breach that Terros Health has experienced.