53,000 patient records breached after phishing hack on Onco360, CareMed

Three employee email accounts were hacked in November, exposing PHI, including financial data and Social Security numbers for some.
By Jessica Davis
12:14 PM
phishing hack

A hacker breached employee email accounts of Onco360 and CareMed Specialty Pharmacy, exposing the data of 53,173 patients, according to Onco360.

Officials discovered suspicious activity on an employee’s email account in November. The oncology pharmacy company contracted an outside forensic team to investigate the incident and found a hacker got into three employee email accounts.

Those emails contained patient demographic information, medical and clinical data, health insurance information, and Social Security numbers for some patients of Onco360 and CareMed Specialty Pharmacy.

A small number of patients had financial details exposed.

After the breach, the pharmacy company changed email passwords and provided employees with further training on how to recognize suspicious emails. Further, Onco360 added additional security measures to its email platform.

The breach notice appears to imply the breach occurred by employees opening phishing emails, a common method used by hackers to leverage their way into a health system’s network.

Onco360 has contacted all patients impacted by the attack, as well as the U.S. Department of Health and Human Services and law enforcement. Officials also are providing impacted patients with free credit monitoring services and a dedicated call center to field questions.

Future-proofing security

Why cybersecurity is top of mind for forward-looking healthcare orgs.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

More regional news

Rep. Doris Matsui

Rep. Doris Matsui (Photo by Greg Nash-Pool/Getty Images)

President Joe Biden stands in front of monitors

 (Photo by Alex Wong/Getty Images)

telehealth visit using Tyto Care technology

Karen Martin, DNP, director of pediatrics, conducts a telehealth visit using Tyto Care technology.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.