GRAND RAPIDS, Mich. — Network180, Kent County's Community Mental Health Authority, announced that they experienced a cybersecurity breach in October impacting approximately 59,000 people.
Network180 said the incident was quickly contained, but information about current and former employees and clients such as addresses, birth dates and social security numbers could have been breached.
A notice sent out by Network180 said this occurred after a user fell victim to a phishing attack where they unknowingly clicked on a link in a malicious email.
The investigation showed the attacker had access to the affected email between Sept. 28, 2023, to Oct. 18, 2023.
This comes after Corewell Health experienced two data breaches last year, impacting at least 1 million people.
Greg Gogolin, the Director of Cybersecurity and Data science at Ferris State University, said that healthcare companies are increasingly being targeted because they likely have the most up-to-date personal information.
"Healthcare companies have some of the most sensitive data available, so that's one of the reasons for the target, but there's a number of reasons why they seem to be susceptible. One of those reasons is that the information is often shared, whether it's with a third-party insurance company or another provider," Gogolin said.
Matt Murren, the founder and CEO of True North, a nationwide healthcare IT and security provider, said often these cyber-attacks come in the form of phishing.
In phishing, a person receives a fraudulent email aiming to collect sensitive information by having them unknowingly click on a harmful link.
"A lot of these attacks come through phishing links, and so the first thing, just generally not only for healthcare systems, but everything being interconnected, as it takes a high level of kind of vigilance looking at things you're clicking on." Murren said.
Network180, just like many other companies that have fallen victim to these attacks, has sent out notices to impacted customers and will provide credit monitoring services.
However, in addition to this, Gogolin said it's best to take your own security measures as well.
"What people can do kind of proactively is to contact one of the credit bureaus and put a credit freeze on or fraud alert, and this will help to reduce the exposure for potentially getting accounts and things opened in your name," Gogolin said.
Other steps such as setting up notifications for large bank transactions and regularly monitoring your accounts can help you detect early on if your information has been stolen.
Gogolin said with changing technology and AI, even voices and faces can now be replicated to try and use stolen information to target others.
"There are going to be so many other types of threats that pop up, that they got to keep their eyes open. If it doesn't feel right, don't do it. If someone calls you and it just seems out of character, terminate the call and call them back to make sure it was really them," Gogolin said.
►Make it easy to keep up to date with more stories like this. Download the 13 ON YOUR SIDE app now.
Have a news tip? Email news@13onyourside.com, visit our Facebook page or Twitter. Subscribe to our YouTube channel.
Watch 13 ON YOUR SIDE for free on Roku, Amazon Fire TV Stick, Apple TV and on your phone.