Malicious software was discovered on three Florida Hospital websites, affecting certain patient information, the Orlando-based hospital said in an emailed news release May 2.
The exposure was limited and no financial records were affected. Florida Hospital is addressing the vulnerabilities across its online networks, which included taking the sites offline for remediation. Patient medical records remain current, accurate and available in its EMR, according to the news release.
The three websites — FloridaBariatric.com, FHOrthoInstitute.com and FHExecutiveHealth.com — exposed names, email addresses, phone numbers, birthdates, height, weight, insurance carriers and the last four digits of individuals' Social Security numbers. However, information exposed on the orthopedic and executive health sites was limited to name, email, phone number and any comments the individual provided.
A Florida Hospital spokesperson declined to disclose how many patients received breach notifications, but according to the news release, there is no evidence any patient information has been misused.
As a precaution, Florida Hospital is offering affected individuals free online internet monitoring.
More articles on cybersecurity:
Beth Israel Deaconess unveils health tech exploration center
Cerner's Q1 earnings hurt by delayed VA contract: 4 things to know
UK NHS to implement Microsoft's Windows 10 under systemwide cybersecurity deal