ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Scam calls/emails

    Scheduled Pinned Locked Moved IT Discussion
    34 Posts 9 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DashrenderD
      Dashrender @JaredBusch
      last edited by Dashrender

      @JaredBusch said in Scam calls/emails:

      This sounds like either you were compromised and don’t know it or your providers compromised and don’t know it. Try to find which one of your systems would be common between these.

      For example, when somebody pays her bill which one of your systems is updated

      The breach is of course the first thing we thought of.

      Now that I'm writing this - I'm going to see who took the CC payment and who made the appointment for the first and third issues.
      CC's go to an online processor via a webpage, nothing else. We manually also make a note of the transaction, with no tracking of the CC info itself into our EHR/billing system.

      1 Reply Last reply Reply Quote 0
      • J
        JasGot @Dashrender
        last edited by

        @Dashrender said in Scam calls/emails:

        In the first case - a patient scheduled a procedure - then within a day, received an email providing information about that procedure.

        Did this person provide CC info?

        @Dashrender said in Scam calls/emails:

        And lastly, just reported - a patient paid their bill here, then received a phone call

        How much time passed from the bill payment to the phone call?

        DashrenderD 2 Replies Last reply Reply Quote 0
        • DashrenderD
          Dashrender @JasGot
          last edited by

          @JasGot said in Scam calls/emails:

          @Dashrender said in Scam calls/emails:

          In the first case - a patient scheduled a procedure - then within a day, received an email providing information about that procedure.

          Did this person provide CC info?

          It's possible, I'll have to check tomorrow.

          1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @JasGot
            last edited by

            @JasGot said in Scam calls/emails:

            @Dashrender said in Scam calls/emails:

            And lastly, just reported - a patient paid their bill here, then received a phone call

            How much time passed from the bill payment to the phone call?

            same day, beyond that - again, we'd have to ask. I know I heard about it around 1:30pm today.

            J 1 Reply Last reply Reply Quote 0
            • J
              JasGot @Dashrender
              last edited by JasGot

              @Dashrender said in Scam calls/emails:

              same day, beyond that - again, we'd have to ask. I know I heard about it around 1:30pm today.

              So, in my mind, I'd start looking for a hack that is "live" meaning someone is actually monitoring the activity; or a corrupt employee.

              From what I have seen in hacks like this that are NOT "live" it can take days for the info to propagate to the call centers who are trying to scam people. For it to happen so fast likely means you are a direct target by a small time hacker (ie; not automated, and/or not on a large scale) or an employee is part of a ring trying to make a quick buck.

              Tread lightly and carefully, if it turns out to be an employee, you'll want to get the FBI involved before you confront them. I say FBI, because as soon as you use a computer to commit a crime, the FBI wants to take the lead.

              1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender
                last edited by Dashrender

                Well, my boss ran reports - there is no common employee to these incidents. So far, the only common thing is the EHR itself.

                Found the details on #2 - I'll update the OP.

                dafyreD 1 Reply Last reply Reply Quote 0
                • dafyreD
                  dafyre @Dashrender
                  last edited by

                  @Dashrender said in Scam calls/emails:

                  Well, my boss ran reports - there is no common employee to these incidents. So far, the only common thing is the EHR itself.

                  And there was another incident to add to the list - I'll update the OP.

                  Is your EHR hosted or on-prem?

                  DashrenderD 1 Reply Last reply Reply Quote 0
                  • DashrenderD
                    Dashrender @dafyre
                    last edited by

                    @dafyre said in Scam calls/emails:

                    @Dashrender said in Scam calls/emails:

                    Well, my boss ran reports - there is no common employee to these incidents. So far, the only common thing is the EHR itself.

                    And there was another incident to add to the list - I'll update the OP.

                    Is your EHR hosted or on-prem?

                    Hosted - I believe it's a true cloud based app, but I'm not 100% sure. The system has something like 36 DBs and clients are spread over these DBs, but it's definitely not a 1 to 1 DB/client setup. I assume it's something akin to O365.

                    1 Reply Last reply Reply Quote 0
                    • DashrenderD
                      Dashrender
                      last edited by

                      We are going to be doing a report to see if there are any common IPs accessing these three patients.

                      dafyreD 1 Reply Last reply Reply Quote 0
                      • dafyreD
                        dafyre @Dashrender
                        last edited by

                        @Dashrender said in Scam calls/emails:

                        We are going to be doing a report to see if there are any common IPs accessing these three patients.

                        Also check and see if the patients are in the same DB?

                        DashrenderD 1 Reply Last reply Reply Quote 0
                        • DashrenderD
                          Dashrender @dafyre
                          last edited by Dashrender

                          @dafyre said in Scam calls/emails:

                          @Dashrender said in Scam calls/emails:

                          We are going to be doing a report to see if there are any common IPs accessing these three patients.

                          Also check and see if the patients are in the same DB?

                          They are - all of our patients are in a single DB.. each client of the EHR is in a single DB. I.e. we are a client, and all of our patients are in a single DB.

                          dafyreD 1 Reply Last reply Reply Quote 0
                          • DashrenderD
                            Dashrender
                            last edited by

                            an FYI in case anyone cares... athenaNet has a single user database for their entire system. So if you work at two different hospital/clinics that both use athenaNet, then you only have one account that accesses both systems...

                            IRJI travisdh1T 2 Replies Last reply Reply Quote 0
                            • IRJI
                              IRJ @Dashrender
                              last edited by

                              @Dashrender said in Scam calls/emails:

                              an FYI in case anyone cares... athenaNet has a single user database for their entire system. So if you work at two different hospital/clinics that both use athenaNet, then you only have one account that accesses both systems...

                              Yeah, unfortunately that is extremely common practice. They just use a different identifier to segment customers.

                              1 Reply Last reply Reply Quote 0
                              • dafyreD
                                dafyre @Dashrender
                                last edited by

                                @Dashrender said in Scam calls/emails:

                                @dafyre said in Scam calls/emails:

                                @Dashrender said in Scam calls/emails:

                                We are going to be doing a report to see if there are any common IPs accessing these three patients.

                                Also check and see if the patients are in the same DB?

                                They are - all of our patients are in a single DB.. each client of the EHR is in a single DB. I.e. we are a client, and all of our patients are in a single DB.

                                I would put a call in to the EHR for sure and tell them what's been happening.

                                DashrenderD 1 Reply Last reply Reply Quote 1
                                • travisdh1T
                                  travisdh1 @Dashrender
                                  last edited by

                                  @Dashrender said in Scam calls/emails:

                                  an FYI in case anyone cares... athenaNet has a single user database for their entire system. So if you work at two different hospital/clinics that both use athenaNet, then you only have one account that accesses both systems...

                                  So all it really takes is someone that has changed jobs a number of times to companies that all use this same athenaNet?

                                  DashrenderD 1 Reply Last reply Reply Quote 0
                                  • DashrenderD
                                    Dashrender @dafyre
                                    last edited by

                                    @dafyre said in Scam calls/emails:

                                    @Dashrender said in Scam calls/emails:

                                    @dafyre said in Scam calls/emails:

                                    @Dashrender said in Scam calls/emails:

                                    We are going to be doing a report to see if there are any common IPs accessing these three patients.

                                    Also check and see if the patients are in the same DB?

                                    They are - all of our patients are in a single DB.. each client of the EHR is in a single DB. I.e. we are a client, and all of our patients are in a single DB.

                                    I would put a call in to the EHR for sure and tell them what's been happening.

                                    yup, started the process on Friday - then the line got disconnected.

                                    I have to call them back today.

                                    dafyreD 1 Reply Last reply Reply Quote 0
                                    • DashrenderD
                                      Dashrender @travisdh1
                                      last edited by

                                      @travisdh1 said in Scam calls/emails:

                                      @Dashrender said in Scam calls/emails:

                                      an FYI in case anyone cares... athenaNet has a single user database for their entire system. So if you work at two different hospital/clinics that both use athenaNet, then you only have one account that accesses both systems...

                                      So all it really takes is someone that has changed jobs a number of times to companies that all use this same athenaNet?

                                      I'm not sure what you are asking?

                                      There is only one athenaNet. The way they want you to handle users is to never delete them from your system - so in our case we would have somewhere around 50+ people in our system that no longer work here all taking up space in our drop downs because the system has no way of hiding, yet leaving them in, ex-employees. So we say screw that - and delete them. This of course causes us a different problem, once we delete them, we can no longer run reports on them, we have to contact athenaHealth (the company) and have them run the reports for us,

                                      We'd be happy to leave the users in as no access users, if there was a way to remove them from all of the active user lists - which are used everyday multiple times per day by nearly everyone - as a way to assign tasks to others.

                                      1 Reply Last reply Reply Quote 0
                                      • dafyreD
                                        dafyre @Dashrender
                                        last edited by

                                        @Dashrender said in Scam calls/emails:

                                        @dafyre said in Scam calls/emails:

                                        @Dashrender said in Scam calls/emails:

                                        @dafyre said in Scam calls/emails:

                                        @Dashrender said in Scam calls/emails:

                                        We are going to be doing a report to see if there are any common IPs accessing these three patients.

                                        Also check and see if the patients are in the same DB?

                                        They are - all of our patients are in a single DB.. each client of the EHR is in a single DB. I.e. we are a client, and all of our patients are in a single DB.

                                        I would put a call in to the EHR for sure and tell them what's been happening.

                                        yup, started the process on Friday - then the line got disconnected.

                                        I have to call them back today.

                                        Hopefully you didn't get disconnected today?

                                        DashrenderD 1 Reply Last reply Reply Quote 0
                                        • DashrenderD
                                          Dashrender @dafyre
                                          last edited by

                                          @dafyre said in Scam calls/emails:

                                          @Dashrender said in Scam calls/emails:

                                          @dafyre said in Scam calls/emails:

                                          @Dashrender said in Scam calls/emails:

                                          @dafyre said in Scam calls/emails:

                                          @Dashrender said in Scam calls/emails:

                                          We are going to be doing a report to see if there are any common IPs accessing these three patients.

                                          Also check and see if the patients are in the same DB?

                                          They are - all of our patients are in a single DB.. each client of the EHR is in a single DB. I.e. we are a client, and all of our patients are in a single DB.

                                          I would put a call in to the EHR for sure and tell them what's been happening.

                                          yup, started the process on Friday - then the line got disconnected.

                                          I have to call them back today.

                                          Hopefully you didn't get disconnected today?

                                          Sadly, the call back didn't happen today.

                                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @Dashrender
                                            last edited by

                                            @Dashrender said in Scam calls/emails:

                                            @dafyre said in Scam calls/emails:

                                            @Dashrender said in Scam calls/emails:

                                            @dafyre said in Scam calls/emails:

                                            @Dashrender said in Scam calls/emails:

                                            @dafyre said in Scam calls/emails:

                                            @Dashrender said in Scam calls/emails:

                                            We are going to be doing a report to see if there are any common IPs accessing these three patients.

                                            Also check and see if the patients are in the same DB?

                                            They are - all of our patients are in a single DB.. each client of the EHR is in a single DB. I.e. we are a client, and all of our patients are in a single DB.

                                            I would put a call in to the EHR for sure and tell them what's been happening.

                                            yup, started the process on Friday - then the line got disconnected.

                                            I have to call them back today.

                                            Hopefully you didn't get disconnected today?

                                            Sadly, the call back didn't happen today.

                                            Figures.

                                            DashrenderD 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 1 / 2
                                            • First post
                                              Last post