Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

400,000 Individuals Affected by Email Breach at West Virginia Healthcare Company

Monongalia Health System (Mon Health) this week disclosed a business email compromise (BEC) incident that was the result of unauthorized access to its email system.

Monongalia Health System (Mon Health) this week disclosed a business email compromise (BEC) incident that was the result of unauthorized access to its email system.

Mon Health says it became aware of the intrusion on July 28, when a vendor notified it of a payment that had not come through. An investigation launched into the matter revealed that adversaries likely had unauthorized access to the email system between May 10 and August 15, 2021.

As part of the incident, cybercriminals compromised a Mon Health contractor’s email account and used it to send messages in an attempt to obtain funds through fraudulent wire transfers.

The investigation also revealed that the miscreants managed to compromise other email accounts as well, but Mon Health believes that the purpose of the attack was BEC fraud.

Regardless, during the breach, the attacker likely had access to emails and attachments containing employee, contractor and provider information, as well as patient data, and the organization is currently in the process of notifying the affected individuals.

Potentially compromised data includes names, birth dates, addresses, patient account numbers, Medicare Health Insurance Claim Numbers, medical record numbers, health insurance plan member ID numbers, claims and treatment information, provider names, and dates of service.

The organization informed the U.S. Department of Health and Human Services this week that over 398,000 people might have been affected in the incident.

Mon Health also notes that it has since secured the affected email accounts and reset their passwords, and says that its electronic health records systems were not compromised during the incident. No other affiliated healthcare facilities or hospitals were compromised and their services and operations, as well as those of Mon Health, were not disrupted.

The organization encourages affected patients to review statements received from healthcare providers, to ensure they are not charged for services they did not receive.

“To help prevent something like this from happening again, Mon Health is continuing to review and enhance its existing security protocols and practices, including the implementation of multi-factor authentication for remote access to its email system,” the organization said.

Located in North Central West Virginia, Mon Health operates a network of hospitals, outpatient centers, and integrated physician clinics, including affiliated hospitals Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company.

Related: 2.1 Million People Affected by Breach at DNA Testing Company

Related: Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients

Related: Israeli Hospital Targeted in Ransomware Attack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.