
Cyber Incident Victim: Spokane Regional Health District

Date: Dec 2021

Location: United States of America

Summary

A phishing incident at Spokane Regional Health District potentially exposed protected health information of over 1,000 individuals when staff opened a malicious email. The health district's IT team promptly investigated and determined that files containing patient data may have been previewed by unauthorized actors, though no evidence confirmed documents were fully accessed, opened, or downloaded. The breach involved possible disclosure of sensitive client information but did not establish confirmed data exfiltration.


Description

On December 21, 2021, Spokane Regional Health District experienced a data breach involving potential unauthorized access to protected health information. The incident occurred when staff members opened a phishing email, triggering a security event that exposed sensitive patient data. SRHD Information Technology personnel received immediate alerts regarding the suspicious activity, prompting an investigation into the extent of the compromise. Their analysis revealed that files containing client protected health information might have been "previewed" by unauthorized parties through this email-based attack vector. The breach notification did not specify the exact mechanism by which the phishing attempt enabled potential data viewing, nor did it describe the specific categories of health information involved. Health district officials confirmed the incident impacted more than 1,000 individuals whose personal and medical data resided in the affected systems.

The subsequent forensic investigation determined no evidence that any documents containing protected health information had been fully opened, accessed, or downloaded by the threat actor. This finding suggested the data exposure might have been limited to partial views through email preview functions rather than wholesale extraction of records. SRHD did not disclose whether the phishing email contained malicious attachments or embedded links that facilitated the potential data preview. The health district's public statement emphasized the possibility of information disclosure rather than confirming actual data theft or misuse. No technical details were provided regarding containment measures, system remediation, or whether multi-factor authentication or other security controls were in place at the time of the incident. The breach notification did not specify whether affected individuals received direct notifications or credit monitoring services following the event.
