Breach affects 569 at Equitas Health after phishing attack hits staff
Equitas Health is offering one year of identity monitoring services after a phishing attack in January may have compromised patients’ protected health information.
The organization immediately investigated the incident, which revealed that an unauthorized person had access to two email accounts. Working with a forensics firm, Equitas Health determined in mid-April that as many as 569 persons may have been affected.
Eleven types of PHI were identified at risk, including Social Security numbers and driver’s license numbers.
Equitas Health serves the LGBTQ communities from 17 offices in 11 cities across parts of Ohio, Kentucky and West Virginia. Now, notification letters are going out to those whose information may have been affected, and the data breach has been reported to the HHS Office for Civil Rights and other appropriate authorities.
In addition to the monitoring services, the organization also is providing individuals with information on how to further protect their information.
“Individuals who receive a letter about this incident are encouraged to enroll in these free identity monitoring services, and should read their letter carefully and follow the instructions provided,” the organization told its members.
Additional information was not immediately available.