The data breach began with a compromised employee email account.

Dark Reading Staff, Dark Reading

November 20, 2020

1 Min Read

Mercy Iowa City hospital this week reported that an internal email compromise and phishing email incident led to the exposure of personal information of some 60,473 individuals.

An attacker had compromised a hospital employee's email account and sent out phishing emails between May 15 and June 24, 2020. This ultimately led to the exposure of recipients' names, Social Security numbers, driver's license numbers, dates of birth, medical treatment information, and health insurance data. The hospital said in a letter to the affected individuals that it was not aware of any instances of fraud or identity theft as a result of the breach.

Mercy Iowa City is offering 12 months of free credit monitoring and identity theft protection for individuals whose SSNs or driver's license numbers were affected.

Read more here.

 

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights