Privacy & Security

eHealthInsurance, Campbell County Health each fall for W-2 phishing scams

The two health organizations are the latest involved in the tax season phishing campaigns, which trick HR and payroll employees to sending hackers their W-2 forms.
By Jessica Davis
January 30, 2017
04:01 PM

Employees of Wyoming-based Campbell County Health and eHealthInsurance are the latest victims of a W-2 phishing scam, the organizations announced last week.

The Social Security numbers and W-2 information of around 1,400 Campbell Country employees were released on Jan. 25 by an employee, to a hacker impersonating a hospital executive, officials said. The hack only affected Campbell County Health employees, not patients.

Local law enforcement and a cybersecurity response team were contacted. Both are investigating the incident.

"We take this matter and the security of personal information very seriously at CCH, and we will continue to review and enhance our security practices to further secure our systems," CCH CEO Andy Fitzgerald, said in a statement.

Meanwhile, eHealthInsurance notified its employees of a similar breach on Jan. 27. An eHealth employee sent the W-2 information of the company's employee to a phishing email he or she believed was sent from an eHealth executive.

The stolen data contained W-2 information: name, address, Social Security number and the employee's wage information, eHealth CFO and COO Dave Francis said in a statement. The IRS and state Attorney Generals were contacted. eHealth will provide credit monitoring to affected employees for two years.

"As part of our ongoing commitment to the security of personal information in our care, we're working to provide additional mandatory training to employees on safeguarding the privacy and security of information on our systems," Francis said.

The two health organizations are part of a growing list of organizations impacted by a tax scam. Massachusetts-based Dracut Public Schools, UGI Utilities and San Francisco solar firm Sunrun, were also hit, just to name a few.

The IRS has cautioned all businesses to be on the look-out for tax-related phishing scams, as it has seen an influx of related cases. These scams were also problematic during 2016's tax season. Hackers trick payroll and human resources into providing employee tax information, by disguising the email as official company business.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Topics: 
Privacy & Security, Workforce

More regional news

HIMSSCast logo

HIMSSCast: Caregiver input needed for allocation of investment dollars

By
Bill Siwicki
November 15, 2024
HHS Building

Trump picks RFK Jr. to lead HHS

By
Susan Morse
November 15, 2024
Sign outside FDA office

Lawmakers ask CDRH to revisit its CDS guidance

By
Andrea Fox
November 15, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Former Georgia Rep. Doug Collins
Trump taps former Rep. Doug Collins to head VA

Most Read

Atrium Health responds to new social engineering attack
Vendor Notebook: New cybersecurity and EHR performance upgrades 
HMIS integration with other public HIS sought and more India briefs
Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Lee Kim at HIMSS_Global Health Equity Week 2024
AI can be leveraged to improve cybersecurity and health equity
Dr. Keisuke Nakagawa at UC Davis Health_Global Health Equity Week 2024
How artificial intelligence is changing the equation for SDOH integration
Andrea Hsu at National Science and Technology Council_HIMSS24 APAC
Fostering health IT innovation through academic-industrial collaborations
Valerie Rogers at HIMSS_Global Health Equity Week 2024
Technology and policy have a role to play in improving maternal health

More Stories

HIT professional reviews information on a laptop outside a server room
ASPR seeks feedback on public health orgs' cybersecurity needs
Gabriel Jones of Proprio on AI
Artificial intelligence is enabling big advances in surgery
Pharmacist sorting pills
Deploy RFID technologies to streamline controlled substance management
Healthcare workers in a meeting
Prioritizing cost management at U.S. healthcare systems: Keys to better margins
Healthcare worker looking at medical record on tablet with patient in background
Protect your IoMT devices against evolving cyberattacks
Jill Brewer at HIMSS_Healthcare Cybersecurity Forum 2024
What's the weakest link in organizational cybersecurity? Not what you might think
Richard Staynings at the University of Denver_Healthcare Cybersecurity Forum 2024
The challenges of safeguarding healthcare's 'data ocean'
Avihai Sodri of Antidote Health on telemedicine
How virtual-first can improve outcomes and make care more affordable