Email phishing attack compromises data of respiratory care provider

Hackers were able to breach networks of Reliable Respiratory, Norwood, Mass., in early July, and it’s now releasing details of the attack.

On July 3, the organization became aware of unusual activity in the employee’s email and identified a phishing campaign that compromised the employee’s credentials. Reliable then engaged forensic specialists to determine the nature and scope of the incident—analysis found that access was gained between June 28 and July 2.

Information that may have been affected included at least 15 different types of protected health information.

Also See: Vanderbilt issues warning about email spoofing, phishing attacks

Now, the organization is getting ready to notify an undisclosed number of affected individuals, and its executives say the company plans to offer information and access to resources to protect personal information.

“While Reliable has security measures in place to protect information in its care, it is also taking steps to implement additional safeguards and review its policies and procedures to protect the security of information on its systems,” the company told patients.



A press release about the incident does not mention whether the company will extend services to affected individuals, such as credit and identity theft monitoring. For now, affected individuals are being told to remain vigilant against identity theft, review account statements and explanations of benefits, monitor credit reports and get free credit reports from each of the major credit reporting bureaus.

“Potentially impacted individuals may also find information regarding identity theft, fraud alerts, security freezes and the steps they may take to protect their information by contacting the credit bureaus, the Federal Trade Commission or their state attorney general,” Reliable advised.

Additional information on the attack was not immediately available.