dcsimg

Saint Louis University Admits Data Breach

Download our in-depth report: The Ultimate Guide to IT Security Vendors

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

Missouri's Saint Louis University (SLU) recently began notifying approximately 3,000 people that their protected health information may have been exposed by a phishing scam (h/t PHIprivacy.net).

On August 8, 2013, the university learned that some employees had provided their account information in response to phishing e-mails sent on July 25. An investigation determined that about 10 employees' direct deposit information was changed, though no unauthorized financial transactions had taken place.

The university also found, however, that the phishing scam had provided access to about 20 e-mail accounts that held approximately 3,000 people's personal health information, as well as approximately 200 Social Security numbers.

"Some of the individuals whose information was included in the emails were patients treated or reviewed by a SLU physician at facilities owned by the Tenet Healthcare Corporation or SSM Health Care," SLU stated. "The University is working with these health care partners in its response efforts."

While the university believes that the scam was aimed primarily at accessing financial information, SLU is providing all those affected with one free year of credit monitoring and identity theft protection services.

Submit a Comment

Loading Comments...