38,000 Patients’ PHI Exposed Due to Legacy Health Phishing Attack


Legacy Health found an unauthorized person has obtained access to its email system as well as the protected health information (PHI) of about 38,000 patients.

The Portland, Oregon-based health system manages two regional hospitals, seventy clinics and four local community hospitals in Oregon, Southwest Washington, and in the Mid-Willamette Valley. Legacy Health is the second leading health system in the Portland Metro Area.

The security breach was identified on June 21, 2018, but the unauthorized individual first accessed the email accounts in May. Legacy Health concluded that access to the email accounts was obtained due to staff who were fooled by phishing emails.

It will require plenty of time to inspect the email breaches. Though tools are readily available to check email accounts if they contain PHI, plenty of emails in exposed accounts should be separately inspected, which can require manual inspections of a huge number of messages. As stated by Legacy Health Spokesperson Kelly Love, they are working at as fast as they could to be careful and clear.

To hasten the investigation, Legacy Health acquired assistance from a top rated computer forensics company to investigate the breach. As per the investigators, data like names, dates of birth, medical insurance information, medical data pertaining to care given at Legacy Health facilities, billing data, Driver’s license numbers and Social Security numbers might all have been viewed. Legacy Health does not know of any patient data being used incorrectly.

Legacy Health notified impacted persons on August 20 and patients who had their driver’s license number or Social Security number exposed were provided credit monitoring services for one year for free.

The media likewise publicized an announcement updating the Oregonian. The Department of Health and Human Services got the notification within the 60-day time frame allowed by the HIPAA Breach Notification Rule. Legacy Health already took action to enhance email security and avoid any more data breaches.