NewsLocal News


Current, former Advocate Aurora Health employees' personal information accessed in phishing scheme

Posted at 3:55 PM, Feb 20, 2020
and last updated 2020-02-20 16:55:50-05

MILWAUKEE — Advocate Aurora Health says personal information of some employees may have been compromised.

In an email to employees, Mike Lappin, Chief Administrative Officer for Advocate Aurora Health, says an unauthorized user "had temporary access to certain employee credentials through an email phishing campaign." This includes employees who currently work or used to work at a Wisconsin location. Lappin says an investigation was launched and reported to federal and state law enforcement.

Their early findings show someone who was not authorized temporarily accessed their human resource system. Some Aurora team members and their information may have been impacted, which includes their Social Security number, the bank account used for direct deposit, birth date, and home address.

"Once Advocate Aurora became aware of the incident on Jan. 9, affected credentials were changed, and the intruder was locked out of the system," said Lappin.

Advocate Aurora Health is offering complimentary credit monitoring to employees as the investigation continues.

"Unfortunately, email phishing campaigns have become commonplace across all industries," Lappin wrote to employees. "As such, we continue to add additional security measures and will be providing more education to all team members."

Advocate Aurora Health wrote the following in a statement:

"Last month, we discovered there was unauthorized temporary access to our human resources system through an email phishing campaign. We took immediate action to secure our employees’ information, notify those impacted, alert authorities and enhance our data security measures. Our continued investigation of the incident indicates a potentially broader unauthorized access to human resources data. Out of an abundance of caution, this week we notified all current and some former employees about the incident, providing them with complimentary credit monitoring and other resources regarding data security. As the sophistication of cyber-attacks increases, we remain ever vigilant and continue to work with authorities and external experts to enhance both education of our workforce and data safety protocols."

Report a typo or error