LOGANSPORT, Ind. (WLFI) — Logansport Memorial Hospital patient information is safe after a cybersecurity breach. The incident happened in late February when an employee's email was hacked.
One wrong click of the keyboard has lead Logansport Memorial Hospital leaders into an ongoing cyber-breach investigation.
“Well we had an individual that received an email and then it had a link into it and that's called a phishing attempt,” said Dan Hildebrand, vice president of the hospital's information systems and facility operations.
The hospital isn't calling it a hacking but a phishing attack. This is when log-in information is obtained through a fake but legitimate looking email. It'll ask for information like your username and password, giving the scammer access into your account.
One Logansport Memorial Hospital employee fell victim to this.
“She thought that she was logging into our site here locally so that's where she entered in her username and password,” said Hildebrand. “Thinking that she was logging in internally, she didn't realize that she was being redirected to a hosted site.”
From there the scammer was able to log into the employees account as if it were her.
“They were able to just log in remotely, see her email and then there but setting adapt to be a relay to start spamming other people,” said Hildebrand.
The hospital is happy to know the only damage done was spamming emails to other employees. The employee had patient information in her email, but after a month long investigation, the hospital confirms no personal data was extracted.
Logansport Memorial Hospital CEO Perry Gay said their mission moving forward is to continue keeping patients safe.
“We'd like to say that we have a full proof technology but those who think they have a full proof technology are the first ones who are going to realize that they don't,” said Gay. “We try to make sure that we stay ahead of the game and we are doing everything we can to keep your personal health information safe every single day.”
Since the incident, employees have gone through extensive cyber-safety training. Hospital leaders are still investigating the source of the attack.