Stephen Borowy reports that Covenant HealthCare has been notifying an undisclosed number of patients about a data breach that occurred last May 4 when threat actor(s) accessed two employee email accounts.
According to a forensics investigation and document review, the hospital learned on Dec. 21 that the impacted email accounts were accessed on May 4.
But when did they FIRST learn that there was a breach?
Read more on WNEM. Covenant has a notice on their web site saying that they have already notified patients by mail where they had contact information.
Update of Feb. 25. Media outlets are reporting that 45,000 patients and employees were impacted.