Over 21,000 Patients’ PHI Potentially Exposed Due to Reliable Respiratory Phishing Attack

Reliable Respiratory, a respiratory care provider located in Norwood, MA, has experienced a phishing attack that has potentially affected 21,311 patients. Strange activity in the email account of an employee was identified on July 3, 2018, suggesting a third party may have gained access to the email account. An investigation revealed the employee had responded to a phishing email and disclosed login credentials, which allowed the attacker to remotely access the employee’s email account.

The email account was secured and computer forensics experts investigated and confirmed that the email account was accessed by an unauthorised person between June 28 and July 2, 2018. Many of the emails in the account included patients’ protected health information (PHI).

Reliable Respiratory is now informing patients via mail that their PHI may have been accessed. Affected patients have been advised to check their accounts and explanation of benefits statements for suspicious transactions. It wasn’t stated in the substitute breach notice if Reliable Respiratory has offered affected patients free credit monitoring and identity theft protection services.

Patients potentially affected may have had the following PHI exposed: names, birth dates, clinical diagnoses, medical record numbers, treatment information, prescription drug details, usernames and passwords, medical insurance details, state ID numbers, driver’s license numbers, passport numbers, Social Security numbers, claim/billing information, bank account information, and credit card or debit card details.

Reliable Respiratory is augmenting its security controls and is revising its policies and procedures to reduce the risk of further phishing attacks. A data breach report has been sent to the Department of Health and Human Services’ Office for Civil Rights, and other appropriate authorities have been notified of the breach.

Carpenters Benefit Funds of Philadelphia also reported a similar email breach to OCR on August 31, 2018. The hacker possibly accessed the personal information of 20,015 plan members that was contained in emails in the compromised account.

At the time of publication, a breach notice has not yet been posted on the Carpenters Benefit Funds of Philadelphia website. No media outlet has been informed, so the particulars of the breach are unclear.