An unauthorized person has been found to have obtained access to the email credentials of one the employees at RiverMend Health, a provider of specialty behavioral health services including services for drug and alcohol addiction.
The unauthorized access was discovered by the Augusta, GA-based group on August 10, 2017, when it was noticed that suspicious emails were being sent from the employee’s account. The suspicious email activity was looked into and access to the account was prevented from August 11, 2017. The investigation showed the account was first accessed in the 14 days previous to July 27.
In those the two weeks that the email account was breached, it is possible that the employee’s emails were accessed by the hacker. Those emails included a variety of protected health data of 1,300 current and former patients. RiverMend Health has contracted a leading computer forensics firm to aid with the investigation and determine the full extent of the breach and the range of the attack. RiverMend Health has not revealed how access to the email account was obtained, but has commented that measures have been taken to avoid further breaches of this nature.
The investigation has not found any proof to insinuate that emails – and PHI – were accessed, stolen, or misused, nor that the theft of protected health data was the motivation for the attack. However, it was not possible to eliminate PHI access with a high degree of certainty.
Affected patients have now been notified of the breach by mail and have been made aware that the following information was possibly accessed: names, age or date of birth, address, referral source, RiverMend facility used, services rendered, demographic information, insurance and/or billing details, and diagnostic details and data.
All patients that may have been put under risk of harm by the breach have been encouraged to use caution and check their credit reports, accounts, and explanation of benefits statements for any sign of unusual transactions activity and to report the same to RiverMend as soon as possible.