Cyber Incident Victim: Saint Agnes Medical Center
Date:
May 2016
Location:
United States of America
Summary
Saint Agnes Medical Center reported that a phishing email attack compromised the W-2 forms of 2,800 employees, exposing them to potential identity theft. The hospital stated that no patient data or internal systems were affected and noted that the Attorney General’s office and the FBI are investigating the breach. To assist impacted workers, the center is providing a complimentary one‑year subscription to an identity theft monitoring service. The hospital also established a dedicated help line to answer questions about the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 5, 2016, ABC30 reported that thousands of employees at Saint Agnes Medical Center were facing the possibility of identity theft following a security breach. The breach involved the unauthorized acquisition of W-2 tax forms for all staff members employed by the hospital. According to the report, the incident affected approximately 2,800 employees. Hospital officials stated that the information was obtained through an email phishing attack. The phishing campaign allowed scammers to access the employees' wage and tax statements. No other data types were mentioned in the coverage.

The hospital said that the Office of the Attorney General and the Federal Bureau of Investigation were investigating the crimes related to the breach. A spokesperson emphasized that the incident was localized and that no medical center systems had been compromised. They also stated that patient information was not at risk or exposed as a result of the breach. To assist those whose W-2s were compromised, Saint Agnes Medical Center offered a free one‑year membership to an identity theft monitoring service. The offer was intended to help employees detect and respond to any potential misuse of their personal information. The report concluded with the hospital’s commitment to cooperate with the ongoing investigations.
