After Wise Health System fell victim to a phishing attack, the hackers used the information to access an employee’s information in an attempt to reroute direct deposit checks, according to the Wise County Messenger.
The Decatur, Texas-based health system said the hackers tried to change around 100 payroll direct deposits. Wise County Messenger discovered the breach on April 5 because the hospital’s payroll system requires paper checks be printed for payrolls after any changes are made by employees.
When payroll was being processed, Wise Health System discovered an unusual number of checks that needed to be printed. This red flag spurred an investigation that found hackers gained access to the system through a phishing attack in March, Wise Count Messenger reports.
There has been no indication that the information was misused. All employees were still payed on time, and the health system required employees to change passwords immediately.
Because the security breach occurred through a phishing attack, Wise Health System has notified 35,000 patients whose information was stored in the email account that was affected. The email may have included patients’ medical record numbers, diagnostic and treatment information and potentially insurance information.
Wise Health System is offering affected patients identity theft protection services. All affected have been notified of the breach, reports Wise County Messenger.