IN: Methodist Hospitals notifies 68,039 after two employees fall for phishing attack

HealthIT Security also reports a breach at Methodist Hospital. There are many hospitals with “Methodist” in their name, so to be clear: this incident involved Methodist Hospitals in Indiana.

Two employees of the Methodist Hospitals fell victim to phishing scams, which potentially compromised the data of about 68,039 patients.

In June, officials said they detected unusual activity in an employee’s email account. An investigation determined that one employee email account was breached on June 12, and again for a week between July 1 and July 8.

The other account was compromised for about three months between March 13 and June 12. The investigation could not rule out the possibility of access to the data in the accounts.


You can read the full disclosure notice below. has reached out to the health system to confirm whether the two employees fell for the same phishing attack from the same actor(s) or if there were two separate phishing attacks that employees fell prey to. This site has not received a response, but will update this post if a response is received.


About the author: Dissent

Comments are closed.