In January, Metropolitan Jewish Health System in Brooklyn, N.Y., fell prey to a phishing scam.
Here are four things to know about the cyberattack.
1. An employee of an MJHS affiliated organization was sent a phishing email and responded to it on Jan. 18, thinking it was a legitimate request. The health system learned of the incident Jan. 22, according to the health system's statement.
2. The employee's email account contained information including patient names, member numbers, diagnoses, treatment dates and treatment locations. "MJHS continues to review other employees' email accounts and will advise if any additional information, members, or patients are affected," according to the statement.
3. Information of 2,483 patients was compromised in the phishing scam, according to a HIPAA Journal report.
4. The health system does not have any evidence information potentially compromised in the phishing scam has been used inappropriately, but MJHS mailed letters to affected patients in March. Additionally, the health system set up a call center to handle any questions relating to the incident.