Two phishing attacks on Minnesota DHS breach 21,000 patient records

For more than a month, two separate employee accounts were compromised by the cyberattacks before the IT department discovered the hack.
By Jessica Davis
02:14 PM

Two employees of the Minnesota Department of Human Services fell for phishing attacks, which potentially breached 21,000 patient records over the course of more than one month.

THE IMPACT

The first email compromise began on June 28, the second on July 9, but officials said the IT department did not discover the hack until August. The subsequent investigation could not determine whether the hackers were able to access or copy the emails. Both accounts were secured once the hack was discovered.

Most of the patients impacted by the breach had interacted with the State Medical Review Team, while others had received services from the DHS Direct Care and Treatment facilities. The emails in question contained names, addresses, phone numbers, Social Security numbers, employment information and other personal data.

Other employees may also have been targeted by the phishing campaigns, and officials have yet to confirm whether any other employee clicked on the malicious links. Minnesota DHS is still investigating the breach.

Attempted phishing campaigns targeting Minnesota’s executive agencies, including DHS, have increased in the past several months, according to officials. DHS is continuing employee education around email best practices and security event response.

THE TREND

Phishing attacks have plagued the healthcare sector throughout the year, and far too often, it takes at least a month for victims to discover them. Just this month, California-based Gold Coast Health Plan began notifying 37,000 patients that a phishing attack breached their data for more than a month.

In July, another state agency, Manitowoc County, breached PHI for three months after a hacker hijacked an employee email account using a phishing scheme.

Employee education helps staff better recognize these malicious emails, but hackers often use highly targeted methods that make the emails tough to detect. When a hacker is successful, detection is crucial, and it takes solid network monitoring and access control management tools.

Twitter: @JF_Davis_
Email the writer: jessica.davis@himssmedia.com