Malware Attack on Oregon Endodontic Group and Humana Web Portal Breach Resulted to PHI Exposure

An office computer that Oregon Endodontic Group used was attacked by malware and possibly the attackers stole email data. The group spotted suspicious activity happening in email accounts on November 13, 2018 and started an investigation.

A third -party forensic firm assisted with the investigation to identify the data breach’s nature and magnitude. The investigators claimed that the malware variant that infected the office computer was Emotet. It is a banking Trojan that could exfiltrate information from email accounts. The investigators did not get any evidence that suggest the attackers stole email data, but data theft could have been possible.

The investigators looked into the compromised email account to figure out the type of protected health information (PHI) were exposed. The investigation was concluded on February 11, 2019.

The email account comprised limited types of data, which include names combined with one or more data elements, such as birth date, diagnosis information, treatment information, and health insurance data. The following information were also exposed: Social Security numbers of 41 individuals, the driver’s license numbers of two individuals and financial data of seven individuals.

Oregon Endodontic Group engaged an IT security firm to evaluate security controls and carry out additional controls to reinforce its email system security.

Humana reported another data breach that affected residents in Texas. Unauthorized individuals signed up on a website used by Availity, a Humana authorized service provider. The website is used for checking the eligibility and perks of a number of health plan members. The unauthorized individuals tried to obtain plan members’ eligibility and benefit verification details.

The scammers posed as physician provider groups and probably obtained a limited amount of plan members’ data since January 15, 2016 until February 14, 2019. The names, benefit information, Humana ID numbers, healthcare reminders and members’ plan effective dates were accessed. As a security measure, Humana offered credit monitoring and identity theft protection services to impacted members and cautioned them to keep track of their explanation of benefits statements for indications of fraudulent transactions. Thus far, no report was acquired with regards to PHI misuse.

Humana mentioned in its breach notification letters the fact that Availity has got policies and procedures for the safety of customer information, however, there were further measures implemented since the occurrence of the breach. There were 522 Texas residents who were members of Humana plans that were impacted by the breach.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. Follow on Twitter: You can follow Elizabeth on twitter at