Phishing Attack on Third Party Company Exposes 1,000 Essentia Health Patients Data

Exploit: Phishing attack
Essentia Health: Integrated healthcare system offering services in Minnesota, Wisconsin, North Dakota, and Idaho

Risk to Small Business: 2 = Severe: A vendor providing billing services for the healthcare provider was the victim of a phishing scam that consequently compromised patient data at Essentia Health. The healthcare provider is investigating the incident and the integrity of other third-party vendor systems. In today’s digital landscape, verifiable data security standards are a must have for any partnership that involves personally identifiable information.

Individual Risk: 2.428 = Severe: Essentia notified those impacted by the breach, but they have not identified any attempted misuse of patient data. Even so, once sensitive personal information is accessed, it can quickly become accessible on the Dark Web, so those affected will need ongoing credit and identity monitoring services to ensure their data’s integrity.

Customers Impacted: 1,000
How it Could Affect Your Customers’ Business: Data breaches that expose people’s personal information can have devastating consequences for both the company and the victims. The most advantageous road to recovery starts with ensuring that victims have the support necessary to adequately recover from the incident. This includes identifying the cause and scope of a breach as well as providing the credit and identity monitoring services that offer rapid detection of data misuse.

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.