In order to provide the most relevant content to the readers of HealthCare Business News, we're asking you to share a little information about who you are, (it takes two seconds and then you're done).
Register
Information for about 112,000 exposed in data breach at Beaumont Health
An email phishing hacking has exposed the information of about 112,000 patients at Beaumont Health in Michigan.
A phishing email breach at Beaumont Health may have put the data of 112,000 people at risk.
The Michigan-based health system says identifiable personal and protected health information of about 112,000 patients was compromised in the breach, in which certain employee email accounts were accessed by an unauthorized third-party nearly a year ago.
“Beaumont has no knowledge of any inappropriate or misuse of any data,” it said in a statement. “Beaumont’s electronic medical record system was not impacted by this incident and remains secure. However, out of an abundance of caution, we are issuing notices to anyone whose information may have been contained in the accessed accounts.”
The hacking took place between May 23 and June 3, 2019, with Beaumont discovering the breach in March 2020. Information exposed in a majority of cases included names, dates of birth, diagnoses, treatment, medical record numbers, and/or prescription information. Roughly 460 cases had social security numbers, back account information, health insurance information, and/or driver’s license or state identification numbers exposed.
Beaumont launched a “prompt and thorough” forensic investigation and “comprehensive” manual document review, teaming up with external cybersecurity professionals to analyze the situation, but admits it was unable to determine for sure if any information was actually acquired by the unauthorized third party.
Those compromised were alerted to the breach in an email sent out Friday. Beaumont has offered credit monitoring to the 460 whose financial information was compromised, except for 10 patients who have since died.
Less than 5% of the eight-hospital health system’s 2.3 million patients were affected by the incident.
Beaumont has since implemented additional technical safeguards and is providing additional training and education to Beaumont employees on how to identify and manage email-related incidents like this.
Notified patients are encouraged to monitor insurance statements for suspicious activity and any transactions related to care or services that have not actually been received.