Terros Incorporated suffers HIPAA email breach

Featured image

Share this article

hipaa breach reporting, hipaa breach, hipaa, reporting

On June 5, 2018, Terros Incorporated submitted a HIPAA Email Breach to the U.S. Department of Health and Human Services (HHS).

Located in Phoenix, Arizona, Terros Incorporated’s email breach affected 1,618 individuals’ protected health information.

Terros Incorporated is classified as a Healthcare Provider.

According to this report:

An employee working for Terros Health in Phoenix, AZ fell for a phishing scam and inadvertently disclosed login credentials to a scammer. The attacker accessed the employee’s email account, and potentially viewed protected health information (PHI) contained in the email account. Only one email account was accessed and no other systems were compromised.

Terros Health discovered the phishing attack on April 12, 2018 and announced it to the media on June 8. Breach notification letters have now been sent by mail to all patients affected by the breach. Investigators found out that the phishing attack happened on or around November 16, 2017.

The compromised email account contained the PHI of approximately 1,600 patients. 1,241 of the patients only had their names and birth dates exposed. The rest of the patients had their email address, address, medical record number, diagnoses and some other PHI exposed. The Social Security numbers of 142 patients were also contained in the compromised email and could have been viewed or obtained. Most of the patients impacted by the breach had received medical services at the clinic near 23rd Avenue/Dunlap Avenue.

Terros Health has offered free credit monitoring and identity theft protection services for one year to patients whose Social Security numbers were compromised and has already improved security, policies and procedures to prevent further breaches of similar nature. The staff also underwent further security awareness training.

Terros Health Email Platform

We did an MX record lookup for Terros Health and determined they are using Microsoft 365 as their email platform.

We have seen an alarming number of Microsoft 365 customers reporting HIPAA Email Breaches in 2018.

HHS Wall of Shame

The HHS Wall of Shame is a website under the jurisdiction of HHS that lists all HIPAA breaches reported within the last 24 months. The Wall of Shame displays breaches that are currently under investigation by the Office for Civil Rights.

As part of section 13402(e)(4) of the HITECH Act, the HHS Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.

HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals as reported in the HHS Wall of Shame.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Arianna Etemadieh

Arianna is an Inbound Marketing Specialist at Paubox. In her free time, she enjoys cooking, traveling, and volunteering at the animal shelter.

Read more by Arianna Etemadieh

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022