SECURITY
SECURITY
SECURITY
Data stolen in business email compromise attack on W. Virginia hospital operator
Monongalia Health System Inc., a company that runs three hospitals in West Virginia, has been struck by a business email compromise attack.
Described Dec. 21 by the company as a “data security incident,” the attack started with an email phishing incident that led to the theft of data and hijacked payments. The company first became aware of the incident on Oct. 29 after a vendor reported not receiving payment on July 28.
An investigation found that that unauthorized individuals gained access to a Mon Health contractor’s email account and sent emails from the account to obtain funds through fraudulent wire transfers.
Along with securing the contractor’s account, law enforcement was notified and a third-party forensic firm was employed to assist. The investigation also confirmed that the compromise involved only the company’s email system and did not involve electronic health records.
That said, Mon Health further discovered that personally identifiable information in emails was compromised. Details stolen included health plan information and claims, addresses, dates of birth, patient account numbers, medical record numbers, dates of service, provider names, claims information and other medical information.
Patients affected by the breach are being informed directly and a help center has been established to assist with questions. Mon Health added that it’s reviewing and enhancing security protocols and practices, including implementing multifactor authentication for remote access to its email system.
“Business email compromise continues to be the silent killer for organizations and data breaches within various industries, including healthcare,” James McQuiggan, security awareness advocate at security awareness training firm KnowBe4 Inc., told SiliconANGLE. “Utilizing a careful cynicism or a ‘trust and verify’ mindset, organizations can implement technology solutions and user processes to prevent these successful and effective attacks.
McQuiggan noted that from a technology perspective, implementing verification of domains and sender’s email addresses is a quick fix to authenticate domains and emails to reduce the risk of an attack by a “doppelganger domain.”
“For the human element, a robust security awareness program educates employees to be aware of the red flags, spot fake emails, check the email address and verify the user by explicitly asking yourself if you were expecting the email,” McQuiggan added. “Trust but verify is the right way to make sure you don’t fall victim to email scams.”
Photo: Mon Health
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
