News and Updates on Information Technology

United States – South Country Health Alliance

Exploit: Phishing
South Country Health Alliance: Health Plan Provider

Risk to Small Business: 1.812 = Severe

South Country Health Alliance, a county-owned health plan based in Owatonna, MN, experienced a data breach after a successful phishing attack let cybercriminals access the protected health data and personal information of more than 60K members. The incident has been under investigation since the attack was first confirmed in September 2020, and the filing made with HIPPA regulators noted that affected patients were informed starting 12/30/20.

Individual Risk: 2.006 = Severe

The exposed information included names, Social Security numbers, addresses, Medicare and Medicaid numbers, health insurance information, diagnostic or treatment information, death dates, provider names and information about treatment costs. The health plan is offering complimentary credit monitoring and identity protection service to impacted members.

Customers Impacted: 66,874

How it Could Affect Your Customers’ Business: Phishing attacks on healthcare targets have been increasing, as the demand for healthcare information and the opportunity afforded to cybercriminals by an overstressed healthcare system creates fresh opportunities.