A hospital system in West Virginia has been affected by a data leak stemming from a phishing attack that allowed hackers to gain access to multiple email accounts.
Monongalia Health System — which operates the Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company — said hackers gained access to several email accounts containing sensitive information from patients, providers, employees and contractors between May 10 and August 15.
The company ended its investigation on the incident on October 29 and attributed the attack to a phishing incident.
The company said that “the purpose of the unauthorized access to the email accounts was to obtain funds from Mon Health through fraudulent wire transfers and to perpetrate an email phishing scheme, not to access personal information.”
Mon Health began sending notification letters to victims on December 21 and set up a toll-free call center for customers who wanted to ask questions.
Monongalia did not immediately have information on how its other hospitals, including Mon Health Preston Memorial Hospital and Mon Health Marion Neighborhood Hospital, might be affected by the attack.