Nearly 11,000 Main Line Health employees fell victim to a "spear phishing" scam last month that exposed key personal information, including birth dates and social security numbers, the health system said Wednesday.
On Feb. 16, a Main Line employee responded to an email believed to be a legitimate request for Main Line employees' information, which also included names, addresses, and salaries, Main Line said.
No patient information was released, said Main Line, which learned of the incident Tuesday.
"The safety and security of Main Line Health's employees is our priority, and we are establishing resources to provide our employees with as much support as possible during this time," Jack Lynch, Main Line's chief executive said in a statement.
He urged colleagues at other health-care systems and businesses to educate their employees against phishing attempts.
On Tuesday, the IRS published an alert to human resources and payroll professionals warning of "an emerging phishing email scheme that purports to be from company executives and requests personal information on employees."
The alert said that IRS's criminal investigation unit is reviewing several cases in which people were tricked into providing social security numbers to cybercriminals.