Administrators at Aultman Hospital in Canton are advising some of their patients that information about them may have been compromised in a recent data breach.
Tim Regula, vice president of compliance and audit for Aultman Health Foundation, says the breach happened after they noticed an increase in phishing emails to hospital accounts earlier in the year.
Phishing emails are bogus emails that appear to be from legitimate senders asking for confirmation of passwords or other security information.
Regula says in this case the emails asked employees to open an electronic document they were told needed their signature.
“Unfortunately, a few of our employees fell victim to that and clicked on them and maybe entered some information; we are not sure what, but that’s our best suspicion is that’s what started it,” said Regula.
Regula said although a small number of accounts, as few as eleven, were compromised, the breach gave the sender access to other emails that may have contained sensitive information.
“There was patient information; there was social security numbers, driver’s license, medical record numbers. Some of them had chief complaint or a doctor’s name and so, like I said, it was bits and pieces of all of those or just maybe one of them,” said Regula.
The hospital says the access was limited to a specific email account and did not compromise electronic medical records or other sensitive data.
The hospital says they believe the sender was looking for financial information such as wire transfers.
Regula believes none of the compromised information has been misused.
