PHI of Almost 140,000 Individuals Potentially Compromised in Imperium Health Phishing Attack

HIPAA Journal

Steve Alder

Imperium Health Management, a Louisville, KY-based provider of development services to Accountable Care Organizations (ACOs), is notifying 139,114 individuals that some of their protected health information was potentially compromised in a recent phishing attack.

Imperium Health learned of the attack on April 23, 2020. The investigation revealed one email account was breached on April 21, 2020 and a second email account was breached on April 24, 2020 due to the employees responding to phishing emails. The emails contained links that appeared to be legitimate but directed the employees to a website where their email credentials were harvested.

A review of the compromised email accounts revealed they contained protected health information such as...

Get the Morning Update

Thanks for subscribing!