Nashville healthcare company Aspire Health is still trying to identify a hacker that attacked its email system and took some patient health information, according to a report by The Tennessean.
According to the report, the company disclosed the hack in federal court records filed earlier this week. The hack occurred on Sept. 3 after a phishing attack accessed Aspire’s internal email system.
The hacker then forwarded more than 100 emails to an external email account. The emails included “confidential and proprietary information and files” and “protected health information” and it’s unclear how many patients were exposed.
“No other information about the contents of the hacked emails have been made public, so it is unclear how many patients have been exposed and what kind of information was leaked. Aspire has issued a statement saying it has already alerted a 'small handful' of patients who 'may have been impacted' by the email breach,” the report said.
After being made aware of the attack, the company immediately locked the compromised email account. It’s still trying to identify the hacker but said the attack originated from a website with an Eastern Europe IP address.
To read the full report, click the link below.