Saint Louis University Admits Data Breach

Missouri’s Saint Louis University (SLU) recently began notifying approximately 3,000 people that their protected health information may have been exposed by a phishing scam (h/t

On August 8, 2013, the university learned that some employees had provided their account information in response to phishing e-mails sent on July 25. An investigation determined that about 10 employees’ direct deposit information was changed, though no unauthorized financial transactions had taken place.

The university also found, however, that the phishing scam had provided access to about 20 e-mail accounts that held approximately 3,000 people’s personal health information, as well as approximately 200 Social Security numbers.

“Some of the individuals whose information was included in the emails were patients treated or reviewed by a SLU physician at facilities owned by the Tenet Healthcare Corporation or SSM Health Care,” SLU stated. “The University is working with these health care partners in its response efforts.”

While the university believes that the scam was aimed primarily at accessing financial information, SLU is providing all those affected with one free year of credit monitoring and identity theft protection services.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles