PHI of 26,861 Patients Potentially Compromised in Oaklawn Hospital Phishing Attack

HIPAA Journal

Steve Alder

Oaklawn Hospital in Marshall, MI, has started notifying 26,861 patients about a potential breach of their personal and health information.

It is unclear when the breach was detected, but the forensic investigation revealed on July 28, 2020 that the email accounts of certain employees had been accessed by unauthorized third parties between April 14 and April 15, 2020. Access to the accounts was gained after employees responded to phishing emails and disclosed their email credentials. The breach was detected when suspicious emails were found in several employee email accounts.

A comprehensive manual document review was conducted to identify any protected health information stored in the compromised email accounts. The compromised accounts were...

Get the Morning Update

Thanks for subscribing!