PHILADELPHIA – Officials say a data breach at a mental health services company exposed sensitive data belonging to at least 500 people in Philadelphia.
What we know:
Equilibria Mental Health Services said the data breach happened during a phishing attack in June that targeted information belonging to about 500 people in Philadelphia.
Information stolen during the cyberattack includes mailing addresses, telephone numbers, health insurance plan information, and/or a person’s self-reported reason for seeking mental health services.Â
Equilibria says some patients received a phishing email that was sent from a “compromised address” that duped patients into providing sensitive information. The email instructed the receiver to open a document to sign and provide their email login information.Â
What they’re saying:
Equilibria says it contacted authorities about the attack and is investigating the origins of the data breach.
Meanwhile, Equilibria says it’s evaluating their “cyber safety protocols and taking action to further strengthen protection against future attacks.”
“The actions taken to improve our protocols are expected to include increased training of employees and ongoing third party testing of our responses to cyber security threats, including phishing,” Equilibria said.
What you can do:
Equilibria advises that anyone who receives a phishing email that purports to be from them to not click the link and delete the messages.
Those who have clicked the link in the phishing email and attached document should change their account password immediately.