Simon Eye Management’s hacked email accounts contained personal health information of more than 144,000 patients
Wilmington, DE-based Simon Eye Management suffered a breach of its email environment and hackers potentially gained access to the protected health information of 144,373 patients.
Simon Eye identified suspicious activity in certain employee email accounts on or around June 8, 2021. Immediate action was taken to secure the accounts and prevent unauthorized access, and an investigation was launched to determine the nature and extent of the breach. Assisted by third-party security experts, Simon Eye determined that unauthorized individuals gained access to employee email accounts between May 12 and May 18, 2021.
The incident was an attempted Business Email Compromise (BEC) attack, where employee email accounts are compromised and used in a scam to trick employees into making fraudulent wire transfers, in this case through the manipulation of bills. Simon Eye said none of the attackers’ attempts were successful.
Although access to patient data does not appear to have been the attackers’ goal, the email accounts they were able to access contained protected patient health information, and it is possible that PHI was accessed or obtained during the attack. Simon Eye found no evidence that patient information was accessed or stolen, and no instances of actual misuse or attempted misuse of patient data as a result of the cyber attack were identified.
A full review was performed to identify patients whose PHI appeared in emails and attachments. The review confirmed that the following types of patient data were present in the accounts: name, medical history, treatment/diagnosis information, health information, health insurance information, and insurance application and/or claims information. A subset of individuals also had their Social Security number, date of birth, and/or financial account information exposed.
Simon Eye has additional data security protocols in place to improve email security and is in the process of verifying contact details for all affected patients. Notification letters will be mailed to these individuals in due course.