AP NEWS
ADVERTISEMENT
Press release content from Business Wire. The AP news staff was not involved in its creation.
PRESS RELEASE: Paid content from Business Wire
Press release content from Business Wire. The AP news staff was not involved in its creation.

Orlando Family Physicians Experiences Email Phishing Incident

July 20, 2021 GMT

ORLANDO, Fla.--(BUSINESS WIRE)--Jul 20, 2021--

Orlando Family Physicians, LLC (OFP), a physician practice located in Orlando, was the victim of a phishing email that resulted in unauthorized access to four employee email accounts. Importantly, OFP is not presently aware of any misuse of the personal information about patients or other individuals contained in the affected email accounts. OFP has sent this press release to meet its obligations under federal and state law.

On April 15, 2021, an unauthorized person accessed the email account of an OFP employee by obtaining the employee’s user ID and password through a phishing email. OFP immediately took steps to contain the incident and began an investigation to determine the scope of the incident. OFP retained a leading cybersecurity forensics firm to assist with its investigation and identified three additional employee email accounts that the unauthorized person accessed. OFP terminated the unauthorized access to each of the four affected employee email accounts within 24 hours of the initial unauthorized access to the account.

ADVERTISEMENT

On May 21, 2021, OFP determined that there may have been unauthorized access to personal information contained in the four email accounts. On July 9, 2021, OFP identified the OFP patients, prospective patients, employees and other individuals whose personal information was included in the affected email accounts. The email accounts included the following types of personal information, but not all of the types were present for each affected individual: name; demographic information; health information, including diagnoses, providers and prescriptions; health insurance information, including legacy Medicare beneficiary number derived from the individual’s Social Security number or other subscriber identification number; medical record number; patient account number; and passport number.

The available forensic evidence clearly indicates that the unauthorized person’s purpose was to commit financial fraud against OFP and not to obtain any personal information about the affected individuals. Nonetheless, OFP notified the affected individuals of the incident because of the possibility of unauthorized access to their personal information. To prevent similar incidents in the future, OFP enhanced its technical security measures and is providing supplemental training to OFP employees regarding the importance of email security.

OFP encourages affected individuals to remain vigilant for identity theft by regularly reviewing their account statements from their health care providers, explanations of benefits from their health plan and other documents related to medical services. Affected individuals with questions or concerns regarding this incident may contact OFP toll-free by calling (855) 545-2005.

ADVERTISEMENT

View source version on businesswire.com:https://www.businesswire.com/news/home/20210720006100/en/

CONTACT: Cristina Gomez, Director of Member Acquisition

Phone: (407) 371-8555

Email: cgomez@premierhealthnetwork.net

KEYWORD: UNITED STATES NORTH AMERICA FLORIDA

INDUSTRY KEYWORD: TECHNOLOGY GENERAL HEALTH HEALTH SECURITY

SOURCE: Orlando Family Physicians, LLC

Copyright Business Wire 2021.

PUB: 07/20/2021 02:22 PM/DISC: 07/20/2021 02:22 PM

http://www.businesswire.com/news/home/20210720006100/en