Phishing attacks continue to hit health care providers and experts say the attacks will become even more frequent in 2019. As previously reported, the largest breach of health care information was recently settled by Anthem, which involved almost 80 million individuals’ information, all caused by a phishing email sent to one individual at Anthem [view related posts here and here].

One employee’s click on one phishing email can compromise large data sets, which emphasizes the need to educate employees and give them tools to recognize phishing emails.

Unfortunately, this is what happened to one employee at Southwest Washington Regional Surgery Center in Vancouver, Washington. According to officials there, hackers launched a phishing scheme and one employee at the surgery center clicked on it. The hackers were in the system from May 27-August 13, 2018, with access to some of the surgery center’s patients’ information, including names, addresses, Social Security numbers, drivers’ license numbers, credit card information, and medical information.

Following the breach, the surgery center updated passwords and enhanced email access protocols, which companies may wish to consider implementing before an incident.