Back to Email phishing

Email phishing

Email phishing attack at the Wise Health System impacts PHI of patients.

This July, the Washington-based Wise Health System (WHS) notified nearly 36,000 patients of email phishing attacks that affected their protected health information (PHI). The affected information includes medical record numbers, diagnostic and treatment data, and insurance information. 

On March 14, 2019, employees at WHS responded to phishing emails by entering their usernames and passwords. The objective of this attack was to redirect payroll deposits to the attacker's account. Fortunately, their payroll system follows the procedure of printing a paper check for two successive pay periods following a change to deposit information. Since there were an unusually high number of checks to be printed the following month, it got the attention of the payroll team. 

Even though the attacker targeted the payroll system, the affected members were notified about the breach, since the compromised email accounts contained patient information. WHS is offering free identity theft protection services to affected customers for a year. It also hired a third-party forensics expert to update its security protocols. The breach has been to reported to the local law enforcement and the U.S. Department of Health and Human Services (HHS).

Attackers use techniques like phishing, brute force, and credential stuffing attacks to gain access to email accounts. A smart tool like Exchange Reporter Plus enables organizations to stay ahead of attackers by monitoring for and thwarting email-bound cybersecurity threats. Download a free, 60-day trial of Exchange Reporter Plus today.

How ManageEngine can help

Exchange Reporter Plus provides a host of reports that help you locate suspicious emails, both sent and received, based on keywords in their subject or body. Often the content and sender of malicious emails come across as valid, tricking users into clicking on them and causing serious damage to the business. With Exchange Reporter Plus, it's easy to set up filters to look out for malicious attachments—whether they're TXT, PPT, or BAT files.

Get started now with your free, 60-day trial of Exchange Reporter Plus.

Share:

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

+

Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
  •  
  •  
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.