May 27, 2021
Posted 6/1/20
Updated 6/15/20
Updated 6/24/20
Updated 8/14/20
Updated 10/5/20
Updated 12/7/20
Updated 1/4/21
Updated 5/27/21
Email Phishing Campaign Causes Potential Data Breach at the City of Philadelphia
PHILADELPHIA — The City of Philadelphia (the “City”) announced today an update on its investigation into a security incident that may have permitted multiple employee email accounts to be accessed by unauthorized individuals. This update relates to the incident initially reported on June 1, 2020, which impacted individuals served by the Department of Behavioral Health and Intellectual disAbility Services (“DBHIDS”) and its business associate, Community Behavioral Health (“CBH”) (posted online here). CBH assists DBHIDS in administering the behavioral health Medicaid program (HealthChoices) for the Philadelphia region. The City’s investigation since the initial report revealed that the incident impacted email accounts utilized by additional City departments.
On March 31, 2020, DBHIDS learned that an employee’s email account had been compromised as a result of a phishing attack. The Office of Innovation and Technology’s Information Security Group (“OIT”) immediately secured the account and began an investigation. Following this initial discovery, OIT discovered multiple additional DBHIDS and CBH accounts that were compromised as part of the attack. The password for each account was changed promptly upon discovery. The City’s investigation efforts have confirmed that the DBHIDS and CBH accounts were subject to unauthorized access intermittently between March 11 and November 15, 2020. The investigation further confirmed that additional City departments’ accounts were intermittently subject to unauthorized access between the start of this incident and January 2021. This attack is believed to be connected to a series of malicious attacks that targeted health care and social services agencies during the COVID-19 global pandemic.
To date, the investigation has been unable to confirm whether any unauthorized persons have viewed any emails or attachments in the compromised accounts.
If you receive services or support through DBHIDS and have questions or concerns, you can call 1-888-858-1748 for more information. CBH members can call 1-888-545-2600 for more information.