DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Tennessee hospice notifying patients whose information was accessed after employees fell for phishing attacks

Posted on July 14, 2018 by Dissent

 Alive Hospice in Tennessee is notifying patients whose personal and protected health information were in employee emails that were accessed by an unknown person or persons beginning on December 20, 2017 and again on April 5, 2018 after two employees fell prey to phishing attacks. The attacks were discovered on May 15, 2018.

Here is their full press release/notification:

On or around December 20, 2017, and April 5, 2018, Alive Hospice experienced email phishing events that affected an employee email account.  Alive Hospice immediately took steps to respond to and investigate these events and, while the investigations found no evidence of unauthorized access to personal information, Alive Hospice took steps to change the user’s password on both occasions, in an abundance of caution.  On or around May 15, 2018, during a review of its email system, Alive Hospice learned of ongoing unauthorized activity in the employee’s email account that may have resulted in unauthorized access to certain personal information.  Alive Hospice immediately commenced an investigation to determine the nature and scope of the incident, as well as determine what information may be affected.  Through the investigation, which included working with third party forensic investigators, Alive Hospice determined that an unauthorized actor(s) gained access to two Alive Hospice employee email accounts.  The investigation determined the unauthorized activity began on or around December 20, 2017, for one user, and on or around April 5, 2018 for the other user.  The investigation also determined that the emails affected by this incident contained personal information.  While the information potentially affected varies by individual, Alive Hospice’s investigation determined that the information that may have been affected includes name, date of birth, Social Security number, passport number, driver’s license or state identification number, copy of birth or marriage certificate, financial account number, medical history information, treatment and prescription information, health insurance information, username/email and password information, biometric identifiers, IRS pin number, digital signatures, and security questions and answers. To date, Alive Hospice has no evidence that any information potentially impacted by this incident was subject to actual or attempted misuse.

The confidentiality, privacy, and security of information in Alive Hospice’s care is one of its highest priorities.  Upon learning that patient information may have been affected by this incident, Alive Hospice commenced an investigation to confirm the nature and scope of the event and identify what personal information may have been present in the affected emails.  With the assistance of third party forensic investigators, Alive Hospice has been working to identify and put in place resources to assist potentially impacted individuals.  While Alive Hospice already has stringent security measures in place to protect information in its systems, Alive Hospice is also implementing additional safeguards to protect the security of information.

On July 13, 2018, Alive Hospice will begin mailing notice letters to individuals who may have been affected by this incident.  Alive Hospice has offered potentially impacted individuals access to credit monitoring and identity restoration services for one year without charge.  Alive Hospice is also encouraging potentially impacted individuals to remain vigilant against incidents of identity theft and fraud, to review account statements, and to monitor credit reports and explanation of benefits forms for suspicious activity.  Alive Hospice’s notification to potentially impacted individuals includes information on obtaining a free credit report annually from each of the three major credit reporting bureaus by visiting www.annualcreditreport.com, calling 877-322-8228, or contacting the three major credit bureaus directly at: Equifax, P.O. Box 105069, Atlanta, GA, 30348, 800-525-6285, www.equifax.com; Experian, P.O. Box 2002, Allen, TX 75013, 888-397-3742, www.experian.com; TransUnion, P.O. Box 2000, Chester, PA 19016, 800-680-7289, www.transunion.com. Potentially impacted individuals may also find information regarding identity theft, fraud alerts, security freezes and the steps they may take to protect their information by contacting the credit bureaus, the Federal Trade Commission or their state Attorney General.  The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261.  Instances of known or suspected identity theft should also be reported to law enforcement or the individual’s state Attorney General.  Alive Hospice has provided notice of this incident to the U.S. Department of Health and Human Services, as well as required state regulators.

Alive Hospice has set up a dedicated assistance line to answer questions regarding this incident. The dedicated assistance line may be reached at (888) 998-7768 (toll free), Monday through Friday from 7 am – 7 pm Central Time.

SOURCE Alive Hospice

Category: HackHealth DataU.S.

Post navigation

← Billings Clinic employee’s email hacked during overseas travel; breach affects 8,400 people
TX: Hunt Regional Medical Center Notifies Patients of Possible Breach Due to Hack of Employee Email →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Masimo Manufacturing Facilities Hit by Cyberattack
  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
  • Florida bill requiring encryption backdoors for social media accounts has failed
  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.