Atrium Health Wake Forest Baptist Hit by Cyberattack

The attack was conducted through a phishing email.

By HFT Staff

On April 20, 2023, Atrium Health Wake Forest Baptist learned that an unauthorized third party gained access to an employee’s email account on that same day through phishing. “Phishing” occurs when an email is sent that looks like it is from a trustworthy source, but it is not. The malicious email misleads the recipient to share or provide access to their account login information. 

They immediately began an investigation, took the necessary steps to secure the affected account and confirmed the unauthorized third party had no further access. Wake Forest Baptist also engaged a computer forensic firm to assist them with their investigation and notified law enforcement. Based on their findings, it appears the unauthorized third party had access to the affected account for a short time between April 18, 2023 – April 20, 2023. The forensic examination indicated the activity of the unauthorized third party was not focused on email content pertaining to medical or health information.  

Unfortunately, it was not possible to conclusively determine whether the unauthorized third party actually viewed any emails or attachments in the account. As a result, they conducted a review of the account to determine what information may have been accessible to the unauthorized third party. The information involved varied by individual, but generally included names, dates of birth, hospital account record numbers, health insurance information, treatment cost information, and/or clinical information, such as dates of service, provider names or locations of service. In some instances, patients' Social Security numbers were also identified in the account.  

Not all of Wake Forest Baptist’s patients were impacted, only those whose information happened to be in the files used by the employee’s account. Additionally, their electronic medical record systems are separate from their email accounts and were not affected by this incident.  

They have no indication that anyone’s information was actually viewed by the unauthorized third party or that it has been misused. However, as a precaution, they are mailing notification letters to individuals whose information was identified through their review and for whom they have sufficient contact information. The notification letters include a Reference Guide that provides additional information on general steps individuals can take to monitor and protect their personal information. Although Wake Forest Baptist are unaware of any actual or attempted misuse of patient information as a result of this incident, they encourage affected patients to carefully review their credit reports and similar types of documents that might indicate questionable activity. For those whose Social Security numbers were identified in the account, they are offering complimentary credit monitoring and identity protection services. 

July 17, 2023

Topic Area: Information Technology , Safety , Security

Recent Posts

3 Ways Technology Can Benefit Facilities Teams

By investing in people supported by innovative technology, facilities will be better equipped to meet evolving challenges.

36th Annual Healthcare Facilities Symposium and Expo Held

The show was held in Charlotte, North Carolina.

Florida Hospital Experiences Two Power Outages in Less Than 24 Hours

Facilities management can mitigate potential outages through training and planning. 

Unique Facility Combines Housing and Healthcare

CCC Blackburn Center gives about 3,000 patients per year access to employment services, housing placement, and complementary clinic services.

KnowBe4 Releases Figures Concerning Healthcare Cyberattacks

The U.S. healthcare industry has become a top target for cyberattacks over the past several years.


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.