Massachusetts Hospital falls Victim to Phishing Attack

Who: Baystate Health of Springfield

# of Records/People Affected: 12,000

When: 8 April 2019

What happened: Data breach exposed information about some 12,000 patients.

How Did it happen: A phishing incident resulted in unauthorized access to the email accounts of several employees between Feb. 7 and March 7. The hospital says the accounts included patient names and dates of birth, certain health information and, in some cases, Medicare or Social Security numbers.

Outcome: Baystate is urging patients that were affected by the breach to review statements from their providers and insurers to ensure they were not billed for services that they did not receive. The hospital is also offering some patients one year of free credit monitoring and identity protection.