BISMARCK — North Dakota has reported a phishing incident on state email accounts that occurred late last year.
In a Tuesday, Oct. 27, press release, the state said the Department of Human Services, Department of Health and Cavalier County Health District and a few other agencies were affected by the phishing incident.
The incident did not impact state servers or systems and was limited to certain employee email accounts, the release said. The accounts were secured and an investigation ensued.
On Aug. 27, the state discovered email accounts were accessed between Nov. 23 and Dec. 23, 2019. The accounts contained personal and protected health information, including names, dates of birth, addresses, medical diagnoses and other details, the state said.
Some individuals’ financial account numbers and/or Social Security numbers were also in the impacted accounts. This incident does not affect all patients of North Dakota and not all information was included for all individuals.
North Dakota has no evidence that the purpose of the phishing campaign was to obtain patient information and does not have any evidence that any of the information has been acquired or misused, according to the release.
Individuals whose Social Security numbers were contained in the impacted accounts have been provided with information about enrolling in a complimentary credit monitoring product.
For further questions or additional information regarding this incident, a dedicated toll-free response line has been set up at 1-855-914-4648.