NASHVILLE, Tenn. (WSMV) -- An e-mail hacker swiped more than 100 messages from an employee at Aspire Health, and according to court records, some of them had protected health information.
The hack was discovered on Sept. 5.
Court documents said the unknown hacker was somehow able to obtain security credentials to access to Aspire's e-mail system, and forwarded 124 e-mails to an external Google account linked to a website registered in eastern Europe.
Aspire Health arranges medical care for patient pain relief with their headquarters on Commerce Street in Nashville.
"Unfortunately, yes, it's becoming commonplace," said Don Baham of Kraft Technology Group. "Certain individuals may be targeted or it may just be a blanket approach, seeing how many folks inside a company they can get to click on a link or enter credentials and find out more insider information about that company. If this person has access to intellectual property or financial information, it could be a huge risk to a company."
Court records detail Aspire Health's effort to subpoena Google and identify the hacker.
"Aspire has attempted to obtain the information requested in the proposed subpoena informally from Google that could reveal the identity of John Doe but have been unable to do so without a subpoena," the complaints states.
In the digital age, attacks like this are becoming more and more prevalent, but experts said there are things individuals and companies can do to protect private information.
"If you have two-factor authentication, it's much harder to gain access to your mailbox," Baham explained. "Two-factor authentication is the primary method to defeat something like this. You've enabled this, and they have your username and password. With two-factor authentication enabled, that attacker could not gain access to the account."
In a statement to News4 about the cyber attack, Aspire Health said:
"Aspire takes the security of its data and the personal information of its patients very seriously. Aspire recently learned one of its employees was the victim of an international phishing attack. Aspire’s information security team quickly discovered the attack and immediately took action to lock the employee’s account. Aspire is now working through the legal process to determine if any Aspire information was ultimately accessed by a third-party. Out of an abundance of caution, Aspire has already alerted the small handful of customers who may have been impacted by this event."