Baystate Health Data Breach (2016)

Information of 13,000 Baystate patients possibly compromised due to "phishing" Baystate learned that a "phishing" email had been sent to several Baystate employees allowing hackers to access some employees' email accounts. The hacker designed the phishing email to look like an internal Baystate memo to employees. The investigation determined that 5 Baystate employees had responded to the phishing email. This allowed the hackers to gain access to the employees' email accounts. Some of the emails in those accounts included patient information. The information in the emails may have included patients' names and dates of birth, diagnosis, treatment received, medical record number and, in some instances, health insurance identification number.