Baystate Health Data Breach (2016)

Massachusetts-based Baystate Health recently announced that several of its employees had fallen victim to a phishing scam, which potentially exposed the information of approximately 13,000 patients. Potential health data breach caused by phishing scam in Massachusetts Baystate learned on August 22, 2016 that five of its employees responded to a phishing email. The email had reportedly been designed to look like an internal Baystate memo, according to the health system’s online statement. The hackers were able to gain access to the employee email accounts, which included certain patient information. While Social Security numbers and other financial information were not included in the emails, patient names, dates of birth, diagnoses, treatments received, medical record numbers and, in some instances, health insurance identification numbers were included.