No real technology needed to break in this time when employees hand out their email addresses and log on information. If the hacker said he was within the hospital system working in IT, then he would have known this information or would have worked with someone in the department who had access to the Active Directory and Group Policy parameters on the hospital network.
If someone has to ask you for that information be aware and ask for credentials and other information and last but not least, call the help desk for sure. The hospital has since educated employees on their network IT policies and procedures. BD
An outside hacker, claiming to be from within the hospital system, persuaded some St. Vincent Indianapolis Hospital associates to share their e-mail log-in information, giving him or her access to confidential medical information for about 1,800 patients.
The hospital has notified all those patients affected about the potential breach, which could have included their names and certain clinical information.
No patient has reported any problems because of the breach, a hospital spokesman said. The hacker did not have access to patients' electronic medical records but only to e-mails that clinicians exchanged, some of which contained private information.