Georgia-based correctional health provider CorrectHealth has been impacted by a cyberattack last November that compromised data belonging to 54,000 individuals, HealthITSecurity reports.
Suspicious activity in employee email accounts was identified by CorrectHealth on Nov. 10, 2021, with the provider investigating the information that may have been exposed between March and July 2022, where names, addresses, and Social Security numbers were found to have been compromised, according to a breach notice sent by CH to the Maine Attorney General's Office.
"Additionally, CH issued a company-wide password reset for all employees, employed an advanced phishing service for CHs email tenant, began putting disclaimers on all externally received emails, implemented Multi-Factor Authentication for all administrative staff, began rolling out a Single Sign On solution for clinical staff, and effected weekly data security and monthly simulated phishing training for all employees," said CH, which added that there has been no evidence of any attempted abuse of the exposed data.
