In a news release, the health district said it completed last week an internal investigation of a possible phishing attack that occurred on Dec. 21.
Phishing attempts generally happen through emails or text messages. They're typically efforts by cyber criminals to trick recipients into sharing sensitive information. The cyber criminal's goal is often to get the recipient to click on a link which then initiates a malware download onto the person's computer.
The health district says its investigation found that the data thief may have "previewed" some protected health information but did not discernibly open, access or download any documents.
The data breach may have exposed the personal information of 1,058 health district clients. The district said the potentially disclosed information included the following:
- First and last names
- Birthdays
- Case numbers
- Counselor names
- Urinalysis results and dates
- Medications and dates of last doses
- Action taken, if any
The health district is still encouraging the 1,058 people to monitor their bank accounts for suspicious activity and advising that "Explanation of Benefits (EOB) from the insurance companies should be monitored for possible ID theft activities."
The news release states the health district has stopped the data breach, ensured "a future connection can't be made," went over good cybersecurity practices with staff and tested its "system."
Lola Phillips, the health district's deputy administrative officer, apologized for the data breach in the release.
"We are very sorry," Phillips said. "We have a strong commitment to safeguard your personal information, and we are working diligently to ensure that it does not happen again."
©2022 The Spokesman-Review, Distributed by Tribune Content Agency, LLC.
