Skip to main content
Blog

Case Study: UnityPoint Health Breach

    UnityPoint Health, a multi-hospital group who serves Iowa, Illinois, and Wisconsin, is now entertaining the unfortunate task of informing over 1.4 million patients to the second data breach the organization has suffered this year alone. To be clear, it’s not just the second breach; it’s the second breach initiated through a phishing attack.

    The first breach, in April of this year, had employee email accounts phished which lead to the compromise of birth dates, Social Security numbers, medical record numbers, treatment information, diagnosis data, lab results, medications, providers, insurance information and important medical appointments.

    The second breach also targeted employees, while adding debit/credit card payment information to the already staggering list of exposed information.

    According to the release to patients, the UnityPoint Health’s business email system was hit by a series of targeted phishing attacks that appeared to be sent from a high-level executive at UnityPoint Health to employees. One, you read that right, one employee fell for the attack, granting hackers full access to all internal email accounts from March 14th to April 3rd.

    After a forensic investigation, law enforcement believes the attack was financially motivated; with hackers likely trying to use the email system to divert vendor or payroll payments for their financial gain.

    In response to the breach, UnityPoint states they have implemented a multi-factor authentication system to verify the users before accessing their accounts. Besides this, the organization has reset all passwords of the compromised accounts, conducted mandatory phishing education to all employees and added additional security tools to aid in the identification of suspicious emails.

    Unfortunately, as they say in medicine, prevention is always superior to a cure. UnityPoint is now faced with two class-action lawsuits that will inevitably cost the organization far more than any preventative cyber-security measures that should have been taken years earlier.

    At Packetlabs, it’s our firm belief that information security, in any organization, should be considered as integral as insurance where risk is involved. Contact us to learn more about how we can help.

    Featured Posts

    See All
    Are You Using WPA3?

    October 03 - Blog

    Are You Using WPA3?

    Discover how WPA3 strengthens Wi-Fi security, with enhanced protection against password cracking, encrypted public networks, and improved privacy.

    Read More
    Toronto at night

    September 05 - Blog

    Your Guide to SecTor 2025

    Black Hat's annual SecTor 2025 cybersecurity conference is fast approaching. Here are your top takeaways to maximize learnings from this year's event.

    Read More

    September 04 - Blog

    AI in Penetration Testing

    What is the role of AI in penetration testing? Learn more about its common usages (and pitfalls) in 2025.

    Read More
    Packetlabs Company Logo
      • Toronto | HQ
      • 401 Bay Street, Suite 1600
      • Toronto, Ontario, Canada
      • M5H 2Y4
      • San Francisco | HQ
      • 580 California Street, 12th floor
      • San Francisco, CA, USA
      • 94104
    Contact Us
    Partner Program
    Learn
    Careers
    About
    Packetlabs Portal
    FAQ
    Get a Quote
    LinkedIn Icon SquareX Icon SquareFacebook Icon Square
    Cyber Right Now
    CREST Logo
    AICPA SOC 2 Logo
    Clutch 2023 Certification Logo

    © 2024 Packetlabs. All rights reserved.

    Privacy Policy