UPDATED 20:34 EDT / DECEMBER 22 2021

SECURITY

Data stolen in business email compromise attack on W. Virginia hospital operator

Monongalia Health System Inc., a company that runs three hospitals in West Virginia, has been struck by a business email compromise attack.

Described Dec. 21 by the company as a “data security incident,” the attack started with an email phishing incident that led to the theft of data and hijacked payments. The company first became aware of the incident on Oct. 29 after a vendor reported not receiving payment on July 28.

An investigation found that unauthorized individuals gained access to a Mon Health contractor’s email account and sent emails from the account to obtain funds through fraudulent wire transfers.

Along with securing the contractor’s account, law enforcement was notified and a third-party forensic firm was employed to assist. The investigation also confirmed that the compromise involved only the company’s email system and did not involve electronic health records.

That said, Mon Health further discovered that personally identifiable information in emails was compromised. Details stolen included health plan information and claims, addresses, dates of birth, patient account numbers, medical record numbers, dates of service, provider names, claims information and other medical information.

Patients affected by the breach are being informed directly and a help center has been established to assist with questions. Mon Health added that it’s reviewing and enhancing security protocols and practices, including implementing multifactor authentication for remote access to its email system.

“Business email compromise continues to be the silent killer for organizations and data breaches within various industries, including healthcare,” James McQuiggan, security awareness advocate at security awareness training firm KnowBe4 Inc., told SiliconANGLE. “Utilizing a careful cynicism or a ‘trust and verify’ mindset, organizations can implement technology solutions and user processes to prevent these successful and effective attacks.”

McQuiggan noted that from a technology perspective, implementing verification of domains and sender’s email addresses is a quick fix to authenticate domains and emails to reduce the risk of an attack by a “doppelganger domain.”

“For the human element, a robust security awareness program educates employees to be aware of the red flags, spot fake emails, check the email address and verify the user by explicitly asking yourself if you were expecting the email,” McQuiggan added. “Trust but verify is the right way to make sure you don’t fall victim to email scams.”

Photo: Mon Health
