Saint Alphonsus Health System and Saint Agnes Medical Center, both located in Livonia, Mich., Confirmed on March 4 that a recent email hacking incident revealed some patients’ personal information. .
Trinity Health and Boise, Idaho, in St. Alphonsus, discovered unusual activity related to an employee’s email account on January 6. -6.
Trinity Health and St. Alphonsus secured the email account immediately after discovering the unusual activity. Initially, healthcare systems believed the incident only affected Saint Alphonsus, but later discovered that some of the compromised email account information belonged to Saint Agnes patients, based in Fresno, Calif., Because Saint Alphonsus manages hospital billing for both systems.
The hacker used the compromised Saint Alphonsus employee’s email account to send phishing emails to obtain login credentials and passwords. Patient information accessible in the email account included names, addresses, dates of birth, medical record numbers, billing details, and some Social Security numbers.
Healthcare systems said they have tightened security measures, including retraining employees to avoid being involved in future cyber attacks, according to a press release.
Trinity Health includes 92 hospitals in 22 states.