Six health systems have reported that some of their patient and employee data has been compromised due to a ransomware attack against third-party printing vendor Kaye-Smith.
In June, Kaye-Smith learned that an unauthorized individual had gained access to information in its systems. The vendor, which provides billing services to multiple health systems across the country, also found that the breached information included patient and employee data from some of the health systems it serves.
Some of the impacted health systems include 3,800 individuals from Seattle-based UW Medicine; 2,857 individuals from Danville, Pa.-based Geisinger; 6,750 individuals from Seattle Children's; Tacoma, Wash.-based MultiCare Health System; and 31,573 individuals from Boise, Idaho-based St. Luke’s Health System.
The breached information varies by each hospital, but includes names, addresses, medical record numbers, dates of service, payment installment plans and Social Security numbers of current and former employees.
Kaye-Smith has said it has found no evidence that any of the information has been made public.
The company is working to notify affected health system employees and patients.