Elara Caring phishing attack exposes 100,000 patients’ data

Featured image

Share this article

Phishing Attack Exposes 100,000 Patients' Data - Paubox

Elara Caring, a home-based care provider, recently announced that patient data may have been exposed after a security breach in December 2020. 

What happened?

Elara Caring was the victim of a phishing attack. On December 9, 2020, a phishing email was sent to employees which enabled a hacker to gain access to several employee accounts. Although Elara Caring detected the unauthorized access the same day, it wasn’t able to contain the situation until December 16.

Protected health information (PHI) may have been leaked during this data breach. As many as 100,400 patients had sensitive data exposed, including information like:

  • Name
  • Date of birth
  • Address
  • Phone number
  • Financial or bank account information
  • Social Security number
  • Insurance information
  • Driver’s license number

Elara Caring claims that there’s no evidence that PHI was accessed or misused. Its investigation also concluded that malware wasn’t released into its network.

How did Elara Caring respond to the data breach?

Elara Caring sent notification letters of the data breach to all affected patients and is offering to pay for a two-year membership of Experian services to monitor for potential fraud. 

Elara Caring also made many internal changes. Some of these changes include:

How can Paubox help you prevent phishing attacks?

Robust cybersecurity is critical to ensuring that you are protecting patient data, but human error repeatedly proves to be the weakest link in the chain. How can you send HIPAA compliant email while making sure human error doesn’t cause breaches?

That’s where Paubox Email Suite Plus comes in. Our inbound security tools stop threats from entering your employees’ inboxes, which means they don’t even get a chance to expose themselves to phishing, viruses, or spam. It even includes our patented ExecProtect that stops display name spoofing emails.

Since Paubox is HITRUST CSR certified, you know that we take HIPAA compliant cybersecurity seriously. We implement safeguards like blanket TLS encryption and two-factor authentication to keep your emails safe.

But don’t worry—Paubox is easy to use. It can seamlessly integrate with your email provider, including Google Workspace or Microsoft 365. Your employees send emails directly to a patient’s inbox. There’s no need for client portals or passwords.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022