Texas Children’s team members and Baylor staff,
As may soon be appearing in the news, health care systems across the United States are currently the target of a large-scale ransomware attack, which poses a high security risk for Texas Children’s network and computer systems. While there are several ways ransomware can be transmitted across an organization, the most common is email, where an employee may be deceived into clicking a link or opening an attachment from a fraudulent account.
Although our Information Services (IS) team has worked diligently to keep Texas Children’s secure during these types of malicious attacks, it is a shared responsibility of every employee to protect our digital environment. As a reminder, please review the following guidance to help keep our network secure.
1. Look for the yellow bar. Every email that originates from outside Texas Children’s network is tagged with a yellow bar at the top of the message. If you see this yellow bar, do not click any links or open any attachments unless you recognize the sender and know the content is safe.
2. Pay close attention to who the message is coming from. Look carefully at the sender’s email address. If it is one you do not recognize, or looks suspicious, do not engage with the message.
3. Spelling and grammatical errors. These are telltale signs of a phishing scam. Treat these messages as a threat to our network and delete them immediately.
4. Be cautious of links. If you are being engaged to click a link, take a moment to hover your mouse over the link to see where you will be directed upon clicking. Simply put: if the link is not legit, do not click.
5. What should you do if you receive a suspicious message? Refrain from opening the email or any attachments, and do not click any links. Simply delete the message from your inbox and notify IS Security by emailing isservicedesk@texaschildrens.org. If you have any questions about information security or phishing, please call the IS Service Desk at Ext. 4-3512 (external 832-824-3512).
Additionally, if you have not done so already, please take a moment to complete your Texas Children’s Cybersecurity Annual Training, which is available on HealthStream. The due date to complete this training is October 31.
Thank you for your efforts to keep Texas Children’s secure. Please continue to stay vigilant both at work and at home.
Teresa Tonthat
Assistant Vice President, Information Services