On March 29, the health system discovered that one or more Beaumont Health employee email accounts had been accessed by an unauthorized third party between May 23, 2019, and June 3, 2019. After completing a forensic investigation, Beaumont Health was unable to determine if any information was acquired by the unauthorized third party.
Patient data that may have been exposed by included names, dates of birth, diagnoses, patient account numbers and medical record numbers. A limited number of Social Security numbers, financial account information, health insurance information and driver’s license or state ID numbers may also have been affected.
Beaumont Health implemented additional technical safeguards and provided extra training and education to employees on handling malicious emails, the health system said in an April 17 notice posted to its website.
More articles on cybersecurity:
Should the government track cellphones to help curb COVID-19 spread? Americans divided
10 cybersecurity tips for clinicians working from home during the pandemic
Hackers targeting COVID-19 researchers, FBI warns
