Summa Health, a healthcare company based in Akron Ohio, suffered a data breach that has affected over 500 of their patients. The healthcare company discovered that two employees were the victims of email phishing scams, one in August of 2018 and the other in March of 2019. The compromised information included patients’ names, dates of birth, medical records, patient account information, clinical and treatment information. The email accounts also contained the patient’s Social Security numbers and driver’s license numbers. Summa Health became aware of the breach on May 1st, 2019 and immediately secured the compromised email accounts and hired a forensic firm to conduct an investigation. Summa Health will provide additional training to its employees to help with privacy and security matters. They are also implementing stronger security measures to try to avoid further incidents. The health company is also notifying affected individuals of the incident.
Analyst Notes
Users who were affected by this breach should review all statements from Summa Health for fraudulent charges, and if there are any, notify Summa and the user’s insurance carrier about the charges. Summa Health is also providing complimentary credit monitoring and identity protection services for patients that had their SSN’s and drivers license numbers compromised.
