DES MOINES, Iowa- Unity Point Health is sharing details of an email phishing scam, that may have exposed personal information of 1.4 (M) million patients. Unity Point says it stemmed from emails sent to employees that appeared to have been sent by an executive in the health group. Some employees gave their personal sign in information, giving the scammers access to internal email. The scam was uncovered in May.
Unity Point Health released a statement this (Monday) afternoon:
Today our organization shared some difficult and disappointing news about a security incident that may have exposed some personal information for a large number of current and former patients.
We know you count on us to keep you well and support your healthcare needs. So on behalf of our leaders, our care providers and our dedicated teams, we want to tell you how truly sorry we are that this has happened.
Please be assured that we have worked to identify the problem, secure our systems and minimize the risk of this kind of criminal attack affecting our organization again.
Our immediate priority is to make sure that you – our patients and the communities we serve – get the answers you need. We’ve mailed letters, we’ve notified the media, we’ve opened a call center and we’ve set up a dedicated website (www.unitypoint.org/security-notice) with details on the situation and tips for protecting your information. We’ve engaged leading cyber experts to navigate this issue with us. And we are ready to support your questions and concerns.
It is our great honor to care for people across the Midwest. Our 30,000 team members take that responsibility very seriously and are committed to giving each person the type of experience we'd want for our own loved ones. As a partner in your health journey, please know you are important to us and we will learn from this incident to make healthcare better for you and for our communities.