Arrow-right Camera
The Spokesman-Review Newspaper

The Spokesman-Review Newspaper The Spokesman-Review

Spokane, Washington  Est. May 19, 1883
Partly Cloudy Day 61° Partly Cloudy
News >  Health

Spokane Regional Health District data breach may have exposed 1,058 people

A phishing attack may have exposed the personal information of more than 1,000 Spokane Regional Health District clients.   (JESSE TINSLEY/THE SPOKESMAN-REVIEW)
A phishing attack may have exposed the personal information of more than 1,000 Spokane Regional Health District clients.  (JESSE TINSLEY/THE SPOKESMAN-REVIEW)

A data breach at the Spokane Regional Health District may have exposed the personal medical information of more than a thousand people.

In a news release, the health district said it completed last week an internal investigation of a possible phishing attack that occurred on Dec. 21.

Phishing attempts generally happen through emails or text messages. They’re typically efforts by cybercriminals to trick recipients into sharing sensitive information. The cybercriminal’s goal is often to get the recipient to click on a link which then initiates a malware download onto the person’s computer.

The health district says its investigation found that the data thief may have “previewed” some protected health information but did not discernibly open, access or download any documents.

The data breach may have exposed the personal information of 1,058 health district clients. The district said the potentially disclosed information included the following:

  • First and last names.
  • Birthdays.
  • Case numbers.
  • Counselor names.
  • Urinalysis results and dates.
  • Medications and dates of last doses.
  • Action taken, if any.

The phishing attack did not expose any Social Security numbers or financial information. The 1,058 individuals have been notified that their personal data may have been exposed.

The health district is still encouraging the 1,058 people to monitor their bank accounts for suspicious activity and advising that “Explanation of Benefits (EOB) from the insurance companies should be monitored for possible ID theft activities.”

The news release states the health district has stopped the data breach, ensured “a future connection can’t be made,” went over good cybersecurity practices with staff and tested its “system.”

Lola Phillips, the health district’s deputy administrative officer, apologized for the data breach in the release.

“We are very sorry,” Phillips said. “We have a strong commitment to safeguard your personal information, and we are working diligently to ensure that it does not happen again.”

The Spokesman-Review Newspaper

Local journalism is essential.

Give directly to The Spokesman-Review's Northwest Passages community forums series -- which helps to offset the costs of several reporter and editor positions at the newspaper -- by using the easy options below. Gifts processed in this system are not tax deductible, but are predominately used to help meet the local financial requirements needed to receive national matching-grant funds.

Active Person

Subscribe now to get breaking news alerts in your email inbox

Get breaking news delivered to your inbox as it happens.