Valley Hope Association (VHA), the addiction treatment organization based in Norton Kansas, announced it suffered a data breach in late 2018. An unauthorized individual gained access to an employee’s email account, potentially exposing patient PHI. Valley Hope detected the intrusion quickly and worked to remedy the issue.
A Run of bad luck
This is the second hack of a Kansas-based business announced in recent weeks (Wichita State University Phishing Fail). While it's easy to imagine cybercrime doesn't happen to small or medium businesses in the Midwest, such organizations are typically the least protected and most lucrative targets.
Unfortunately, these breaches are completely avoidable. In the case of Valley Hope, the exposed email account had been used to send PHI - something that happens in many physician practices. A policy of restricting direct email messaging as a means of sharing PHI could have helped minimize the risk.
Umbrella Can Help
Planning for the worst is how you prevent or recover from a cyber attack. The Umbrella ITMS 3.0 program can help your business improve system resilience and put safeguards in place.
Unconvinced? What if you could find out if you are vulnerable?
Contact Us to schedule Phishing and Ransomware simulations. We will run a network resilience tests to see how vulnerable your business, and its users, are to the latest threats.