The organization believes the breach occurred due to an employee’s email being compromised in a phishing attack.
Patients’ names, member numbers, Medicaid numbers, diagnoses, detailed incident descriptions and levels of care may have all been revealed in the breach. Northeast currently serves 180,000 patients across four Pennsylvania counties.
The consortium’s breach announcement did not specify how many patients were affected by the breach, and it said it is not aware of any fraud or misuse of personal information, according to the publication. Northeast has since hired a cybersecurity firm to assess the incident and has taken steps to prevent another attack.
