16,000 people are being notified of a major risk to their private health information following an email attack on a health services company. I'm talking birth dates, Social Security numbers, insurance info, diagnoses, addresses and more.
The Oakland Family Services, a nonprofit human and health services organization out of Pontiac, Michigan, is the company under fire and its patients are starting to receive the dreaded hacking warning.
On July 14, a hacker broke into an employee's email account and roamed around in the system for over 23 minutes.
In that time, the unidentified intruder sent phishing emails to a number of the employee's contacts. They also had access to incredibly private information such as names, client ID numbers, services dates, types of service provided, birth dates, telephone numbers, addresses, diagnoses, health plan ID numbers, insurance numbers and Social Security numbers.
The Oakland Family Services staff recognized the hacker after 15 minutes and worked diligently to cut him or her (or them) from the account.
After the debacle, David Partlo, director of IT at Oakland Family Services, released this statement:
"We took action within 15 minutes of the intruder gaining access to block him or her from the affected email account and based on this incident, even stronger email protocol has been implemented. We feel reassured by the fact it doesn't appear the person gained access in search of PHI (protected healthcare information), but simply to perpetuate the phishing scheme, based on the amount of time the hacker spent in the account and the actions we know he or she took."
We'll keep you updated on this situation as it develops, so make sure you stay tuned to what's Happening Now for the latest details.