AU Medical Center patient data possibly compromised by attack on faculty email accounts

Nearly five months after it happened, AU Medical Center announced today that some patients may have had their personal information compromised by an attack on faculty email accounts.


The attack, known as phishing, in which users unknowingly open legitimate-seeming but phony emails or links that allow a third party to gain access to their email accounts and personal information, apparently happened to two faculty accounts on April 20-21, according to the hospital and Chief Integrity Officer Jim Rush. An investigation concluded on July 18 that a third party had unlawfully gained access to the accounts and potentially the information.

The hospital then had 60 days to report the attack, a deadline that fell on Friday, and needed that time to look into everyone who may have been affected and set up ways to monitor the accounts and information, Rush said. Letters have gone out to those who might have been affected, providing information on how they can monitor their personal information to see if it is being improperly used. Rush emphasized that there is no evidence that patients’ information was accessed and misused.

The two faculty email accounts, which the hospital said were immediately frozen, contained patient names and a range of other information, including address, date of birth, Social Security number, driver’s license number, “financial account information” and prescription, diagnosis and treatment information.

The attack concerned less than one percent of the hospital’s patients, which Rush said amounts to a few thousand potentially affected. It is the third large data breach the hospital has had, but all of them have been of a similar or smaller size. Recent large data breaches at other organizations have involved hundreds of thousands or millions of customers, Rush said.

The hospital is also providing extensive training on how to spot similar attacks and handle suspicious emails, Rush said. Unfortunately, attacks like this are something businesses now routinely have to defend against, he said.

“It’s not just us,” Rush said. “It’s every organization around us.”

The hospital has set up a toll-free line for those who have questions at 888-735-5670 that will be staffed from 9 a.m. to 9 p.m. Monday through Friday.

“My hope is that it never happens again,” Rush said.

Reach Tom Corwin at (706) 823-3213 or