Cyber Incident Victim: Christie Clinic
Date: Jul 2021
Location: United States of America
Summary
Christie Clinic experienced an email security incident in which an unauthorized actor accessed a single email account to intercept a business transaction, potentially exposing patient names, Social Security numbers, medical information, and addresses. The organization could not definitively determine the full scope of accessed data but notified all potentially impacted individuals as a precautionary measure.
Description
The Christie Clinic email security incident occurred between July 14 and August 19, 2021, when an unauthorized actor gained access to a single employee email account. The attacker specifically targeted the account to intercept a business transaction, indicating a focused objective beyond indiscriminate data collection. During this period, the compromised account potentially exposed protected health information including patient names, Social Security numbers, medical treatment details, and physical addresses. The Clinic did not publicly specify the exact method of initial access but confirmed the breach involved unauthorized access to an email account. Unlike the typical credential-harvesting phishing campaigns described in other incidents, this intrusion appeared financially motivated and centered on transaction manipulation. Because forensic evidence was limited, Christie Clinic investigators could not definitively determine whether the attacker viewed or exfiltrated all accessible data during the 36-day access period.

Upon discovering the breach, Christie Clinic secured the affected email account to terminate unauthorized access and initiated an internal investigation. As a precautionary measure, despite the uncertain extent of data exposure, the Clinic notified all potentially impacted individuals about the incident. The notification advised patients of the types of sensitive information involved but did not quantify the affected population. Exposed Social Security numbers and medical information created risks of identity theft and medical fraud for victims, though no specific evidence of misuse was confirmed. The Clinic implemented additional security measures for email systems following the incident but did not publicly detail these technical controls. No ransomware deployment, data destruction, or secondary attacks were reported in connection with this email compromise incident.
