United States – Palmetto Health & Women’s Health USA Phishing Scam
https://www.palmettohealth.org/patients-guests/news/palmetto-health-addresses-phishing-incident
Risk to Small Business: 1.666 = Severe: Palmetto Health and Women’s Health USA reported separate phishing scams that compromised private employee information and patient health records. Only two employee accounts were compromised, but this had cascading consequences for both the companies and their patients.
Individual Risk: 2 = Severe: Both healthcare companies acknowledge that hackers accessed sensitive patient information including names, addresses, social security numbers, Medicare Health Insurance Claim Numbers, and health insurance policy numbers.
Customers Impacted: 41,162
How it Could Affect Your Business: Sensitive patient information was disclosed in this breach, and the companies are offering identity theft protection services or free credit reports to affected patients. By all accounts, these companies worked quickly to secure patient information and to respond appropriately. However, email phishing scams are entirely preventable, and training and education can make all the difference.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.