In a news release, the orthopedics center said that on Sept. 17, 2020, it identified unusual email activity and launched an investigation with assistance from cybersecurity experts. The investigation found that multiple employee email accounts were accessed by a cybercriminal between October 2019 and September 2020.
On Jan. 25, 2021, CAO concluded that protected health information was contained in the emails accessed by a cybercriminal. However, CAO said it’s unsure if the information was accessed or acquired by the unauthorized party.
The information exposed in the email hacks may include Social Security numbers, financial account information, passport numbers and more. CAO said it is unaware of any misuse of this information.
In response, CAO is reviewing its policies and procedures, assessing its security infrastructure and implementing additional safeguards to prevent similar incidents from occurring in the future.
More articles on cybersecurity:
Hackers claim they stole Stanford Medicine data, posted info online: 4 things to know
March healthcare data breaches triple February numbers
RCM vendor’s former employee uploaded Memorial Hermann, UChicago patient info on public website