Phishing Email May Have Impacted Personal Information
Potentially Affected Individuals Being Notified

CHARLOTTE, N.C., Sept. 13, 2024 - Atrium Health is sending notifications to a subset of its patients and employees who may be potentially impacted by the effects of a malicious email sent to some of the health system's employees. On April 29, 2024, the system learned that an unauthorized third party had gained access to a limited number of employee email accounts through phishing. Phishing occurs when an email looks like it is from a trustworthy source but instead is a malicious email designed to mislead the recipient into sharing information or providing access to their account login information.

Atrium Health immediately began an investigation, taking the necessary steps to secure the affected accounts, and confirmed the unauthorized third party had no further access. It also engaged a third-party forensics firm to assist with its investigation and notified law enforcement. Based on the findings from the investigation, it appears the unauthorized party had access to the affected account for a short time between April 29-30.

The forensic examination of the affected accounts was completed July 17, 2024. Not all of Atrium Health's patients or employees were impacted; only those whose information happened to be in the email and/or files included in the affected employees' accounts.

It is not possible to conclusively determine whether the unauthorized party actually viewed any emails or attachments contained in the email accounts. Findings indicate the activity of the unauthorized third party was not focused on medical or health information content in the employee email boxes. Importantly, Atrium Health's electronic medical record systems are separate from its email system and were not affected by this incident.

Atrium Health is unaware of any attempted or actual misuse of patient or personal information, and there is no evidence any personal information was viewed as a result of the phishing attack. However, the health system is mailing notification letters to patients and employees whose personal information could have potentially been exposed in the incident and posting a notice on its website explaining what took place and apologizing that the incident occurred.

Information which may have been accessible includes an individual's first and/or last name; middle initial; street address, email address and/or phone numbers; Social Security number; date of birth; medical record number; driver's license or state-issued identification number; certain government or employer identifiers; bank or financial account numbers or information, including routing numbers, financial institution name, security code/PIN and/or expiration date; treatment/diagnosis, prescription, health insurance and/or treatment cost information; patient identification number; health insurance account or policy numbers; incidental health references; billing identification numbers; access credentials; and/or digital signatures.

Individuals whose personal information was noted in the data involved are being offered complimentary credit monitoring and identity protection services.

Patient safety, privacy and security are regarded as Atrium Health's highest priorities. It promptly engaged its internal and external legal teams, as well as its security teams, to further examine what took place. It is continuing to evaluate and enhance security controls, as appropriate, to minimize the risk of similar incidents in the future and is providing additional phishing training and education to its employees.

A call center where people can get additional information or ask questions about the phishing incident is available at 866-997-1986, Monday through Friday, from 9:00 a.m. to 6:30 p.m. Eastern Time, excluding major U.S. holidays. People may also visit https://atriumhealth.org/dataincident.