An investigation is underway after a “spear phishing” incident impacted the personal information of all Main Line Health employees.
Officials say a “spear phishing” email was sent to a Main Line Health employee on February 16. The employee believed it was a legitimate email and responded to its request by providing the personal information of all Main Line Health employees. Officials determined the email was actually part of a nationwide phishing scheme in which criminals use fake emails in order to get personal information.
Main Line Health set up resources to help employees including a call center to answer questions and provide information on how to monitor their financial accounts. Officials say no patient information was released or compromised during the incident. The IRS and the FBI are all investigating.
"The safety and security of Main Line Health's employees is our priority, and we are establishing resources to provide our employees with as much support as possible during this time," said Jack Lynch, President and CEO, Main Line Health. "We are currently conducting a review of internal policies and procedures to identify ways in which to enhance existing safeguards to help prevent incidents of this nature in the future. Identity theft and other forms of electronic fraud have become increasingly prevalent, and I want to urge our colleagues at other health care organizations as well as our regional business partners to take immediate action to educate their employees against phishing attempts.”