December 2, 2023

The federal government of Philadelphia mentioned hackers spent at the very least three months inside metropolis e mail methods, giving them extensive entry to well being data saved in e mail accounts.

The town didn’t reply to requests for remark about how many individuals had been affected by the scenario, however in a discover launched on Friday officers mentioned an unauthorized actor had entry to some metropolis e mail accounts from Might 26 to July 28.

The town grew to become conscious of suspicious exercise in its e mail surroundings on Might 24 however didn’t clarify the discrepancy between the dates listed within the discover. The town found on August 22 that a few of the e mail accounts accessed had protected well being data in them, however subsequently waited till October to inform residents.

“The Metropolis’s complete, programmatic and guide assessment is ongoing, and the sorts of data impacted differ by particular person. Nevertheless, the sorts of data impacted might embody: demographic data, comparable to identify, handle, date of beginning, social safety quantity, and different contact data; medical data, comparable to prognosis and different therapy associated data; and restricted monetary data, comparable to claims data,” they defined.

“Upon studying of this occasion, we instantly took steps additional [sic] safe our methods and e mail surroundings. As a part of our ongoing dedication to data safety, we’re additionally reviewing our current insurance policies and procedures, implementing further administrative and technical safeguards to additional safe data in our care, and offering further coaching on tips on how to safeguard data in our e mail surroundings.”

Metropolis officers reported the difficulty to different regulators in addition to the U.S. Division of Well being, which has not but added the occasion to its public checklist of reported breaches.

The town mentioned it’s nonetheless working with a cybersecurity agency to research the incident. That is the newest breach involving town after two incidents in 2020. One incident concerned a breach of a contractor for the Metropolis’s Division of Behavioral Well being and Mental Incapacity Companies that leaked the delicate data of greater than 108,000 individuals.

The town notified one other 49,000 residents of a phishing assault that gave hackers entry to metropolis e mail inboxes.

Each the Philadelphia Inquirer and the Philadelphia Orchestra handled cyberattacks earlier this yr.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Study extra.

No earlier article

No new articles

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than shifting again to New York Metropolis, he labored for information shops in South Africa, Jordan and Cambodia. He beforehand lined cybersecurity at ZDNet and TechRepublic.