Hackers hit Nebraska Medical Center, U of Nebraska with malware, steal patient and employee records

Nebraska Medical Center and the University of Nebraska Medical Center are alerting patients of a malware attack last year on its IT systems that may have exposed their protected health information. 

In a Feb. 5 privacy incident notice, the Omaha, Neb.-based healthcare organizations told patients they discovered unusual network activity Sept. 20 that affected some of its IT systems. In response, the two medical centers shut off select systems, isolated potentially affected devices and investigated. 

The hospitals found that between Aug. 27 and Sept. 20, an unauthorized person gained access to systems on its network and deployed malware to get copies of patient and employee information. The attack did not result in unauthorized access to either hospitals' EHR. 

The breach also affected patients seen at Faith Regional Health Services, Great Plains Health and Mary Lanning Healthcare, whose information was in the Nebraska Medicine and University of Nebraska Medical Center network. Information exposed in the breach included Social Security numbers, names, addresses, dates of birth, medical record numbers and lab results. 

Both medical centers are providing patients whose Social Security numbers   and/or driver's license numbers were affected with free credit monitoring and identity theft services. The hospitals are also implementing new network-monitoring tools to avoid more breaches. 

More articles on cybersecurity: 
FDA names 1st medical device cybersecurity director
The new wave of hacking attempts hitting hospitals: 6 things to know
6 vulnerability points hackers target in hospital cyberattack

 

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars