Skip to content

Search Prisma Health

Looking for a doctor? Try our Find a doctor search.

Get COVID-19 updates | COVID-19 Vaccine

Palmetto Health addresses phishing incident

Friday, March 29, 2019

COLUMBIA, S.C.—Palmetto Health is notifying individuals of an email phishing incident that resulted in unauthorized access to individual email boxes. The incident was limited to certain employee email accounts, and did not affect our medical record systems. We believe the purpose of the unauthorized access was to gain access to payroll information.

Upon discovery, we blocked the unauthorized access and then engaged outside technical experts to investigate the incident thoroughly to evaluate the full nature and scope of the access. These experts determined that unauthorized access may have first occurred this past November. They also searched to determine whether sensitive data was located within any of the potentially accessed emails. These same emails were also hand reviewed to obtain names and mailing addresses for use in notification.

After completing this extensive review process, on February 19, 2019, we were alerted to the names of the individuals whose information was within the accounts – which contained some patient names and other patient information typically used by a health care provider in the course of providing treatment or consultation. A lesser portion of the emails contained social security numbers and medical insurance information.

Phishing involves a scammer sending an email that looks perfectly legitimate, but in reality, the email has a malicious link or document within it that, when accessed, allows the scammer to gain the recipient’s email account/passwords – often without the knowledge of the email account owner.

Palmetto Health values the safety and security of patient and employee information and is continuing to take steps to enhance its security measures to help prevent something like this from happening in the future. We attempted to notify by letter at the last known address and by substitute notice every person who was affected by this incident. While we have no evidence that any patient information contained in the affected email accounts has been used inappropriately, we are offering complimentary identity theft protection services to those whose financial data could have been accessed. We recommend affected persons to remain vigilant and monitor account statements and credit reports carefully and to report discrepancies to law enforcement. Fraud alerts and security freezes also can be activated to help protect individuals.

Anyone with questions or concerns can call a toll-free hotline at 877-239-1279, Monday through Friday, from 9 a.m. to 9 p.m. EST, excluding holidays. The call center will be open until Friday, June 28, 2019.

Back to News