Overlake Medical Center & Clinics, a 364-bed non-profit hospital in Bellevue, Wash., has been attacked by an email phishing incident which was discovered on Dec. 9, according to a press release from the clinic.
Over 109,000 patients were affected by the phishing attack. The press release states that, through the phishing scam, third parties were able to access the first affected accounts from Dec. 6 through Dec. 9.
After an investigation, the clinic says they cannot rule out that the third parties were able to access personal identifying information such as demographic information, health insurance information, and certain health information that was related to the care at Overlake Medical Center.
The hospital points out that there has been no known or attempted misuse of patient information reported as a result of the phishing attack. In addition, the hospital began mailing letters to the affected patients on Feb. 4. Also, the hospital recommends that patients review their invoices carefully and notify the hospital and other healthcare providers if their invoices show any services that they did not receive.
No social security numbers or any financial information was compromised as a result of the phishing attack and there has been no reports that the information gathered has been misused in any way.
Overlake Medical Center has stated that it has taken steps to prevent similar breaches in the future, such as increasing email security measures, putting into effect a multi-factor authentication for the email accounts at the hospital, and providing security awareness training for hospital employees, as well as putting in place new email retention policies.
Overlake Medical Center Is One of Many Targets
Hospitals and the healthcare industry are seeing an increasing amount of cyberattack activity. In November, it was reported that the number of hospitals hit by cyberattacks had increased exponentially over the past year. On Sept. 30 alone, there were ransomware attacks on ten hospitals, just in that one day — three in Alabama and seven in Australia.
A ransomware attack usually starts when an entity like a school or a hospital receives a malware link via email. When an unsuspecting individual opens the email, the hackers are able to then access the system.
After the attack of ransomware, individuals are usually locked out of the system until a ransom is paid to the hackers. The amount could be in the form of thousands of dollars in order to have their systems restored back to normal. That said, paying the hackers off will not ensure that the hacking will stop.
The hospitals in Alabama that were victims of the ransomware attacked had to shut down almost completely. According to CNN, the hackers were paid off and a decryption key was obtained so that they could get their systems up and running again.
When hospitals and other healthcare facilities are the object of ransomware attacks, it can shut down the most important aspects of their services, including the all important emergency room services. In addition, medical practices may have to completely close, as they will not be able to perform the services that their patients desperately need.
Join a Free Hospital Ransomware Attack Class Action Lawsuit Investigation
If you were a patient at a hospital or healthcare facility affected by a ransomware attack that impacted your medical care, you may qualify to join a hospital ransomware attack class action lawsuit investigation.
This article is not legal advice. It is presented
for informational purposes only.
ATTORNEY ADVERTISING
Top Class Actions is a Proud Member of the American Bar Association
LEGAL INFORMATION IS NOT LEGAL ADVICE
Top Class Actions Legal Statement
©2008 – 2025 Top Class Actions® LLC
Various Trademarks held by their respective owners
This website is not intended for viewing or usage by European Union citizens.
4 thoughts onOverlake Medical Center Latest Victim of Cyberattacks on Hospitals
Please add me
ADD me
Add me to the list
Please add me