Unauthorized access to an employee email account at Mercy Hospital in Iowa City, Iowa may have revealed the personal information of over 60,000 residents of Iowa, according to a notification that the hospital and its attorneys filed with the state and sent to affected individuals. The data revealed included names, Social Security numbers, driver’s license numbers, dates of birth, medical treatment information and health insurance information. The email account was compromised from May 15, 2020 until June 24, 2020 when the unauthorized access was discovered after the account sent spam and phishing email messages. A more thorough investigation was conducted several months later, in October, which revealed that the data in the email account contained protected health information.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.