Elara Caring phishing attack exposes 100,000 patients’ data

Phishing Attack Exposes 100,000 Patients' Data - Paubox

Elara Caring, a home-based care provider, recently announced that patient data may have been exposed after a security breach in December 2020. 

What happened?

Elara Caring was the victim of a phishing attack. On December 9, 2020, a phishing email was sent to employees which enabled a hacker to gain access to several employee accounts. Although Elara Caring detected the unauthorized access the same day, it wasn’t able to contain the situation until December 16.

Protected health information (PHI) may have been leaked during this data breach. As many as 100,400 patients had sensitive data exposed, including information like:

  • Name
  • Date of birth
  • Address
  • Phone number
  • Financial or bank account information
  • Social Security number
  • Insurance information
  • Driver’s license number

Elara Caring claims that there’s no evidence that PHI was accessed or misused. Its investigation also concluded that malware wasn’t released into its network.

How did Elara Caring respond to the data breach?

Elara Caring sent notification letters of the data breach to all affected patients and is offering to pay for a two-year membership of Experian services to monitor for potential fraud. 

Elara Caring also made many internal changes. Some of these changes include:

How can Paubox help you prevent phishing attacks?

Robust cybersecurity is critical to ensuring that you are protecting patient data, but human error repeatedly proves to be the weakest link in the chain. How can you send HIPAA compliant email while making sure human error doesn’t cause breaches?

That’s where Paubox Email Suite Plus comes in. Our inbound security tools stop threats from entering your employees’ inboxes, which means they don’t even get a chance to expose themselves to phishing, viruses, or spam. It even includes our patented ExecProtect that stops display name spoofing emails.

Since Paubox is HITRUST CSR certified, you know that we take HIPAA compliant cybersecurity seriously. We implement safeguards like blanket TLS encryption and two-factor authentication to keep your emails safe.

But don’t worry—Paubox is easy to use. It can seamlessly integrate with your email provider, including Google Workspace or Microsoft 365. Your employees send emails directly to a patient’s inbox. There’s no need for client portals or passwords.

Try Paubox Email Suite Plus for FREE today.

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport
EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport