Malware on BJC HealthCare website compromises 6,000 patients' payment data

BJC HealthCare in St. Louis said Dec. 18 that malware on its website may have exposed credit card information from 5,850 individuals, the St. Louis Business Journal reports.

The health system's internal investigation into the incident found that malicious software had enabled an unauthorized user to electronically collect payment information entered into its online payment portal from Oct. 25 through Nov. 8. No Social Security numbers or medical data were compromised, but patients' names, dates of birth and billing account numbers may have been stolen.

"BJC has no indication to date that any information was actually misused," BJC officials told the St. Louis Business Journal. "As a precaution, individuals whose payment information may have been exposed are advised to carefully review credit card and bank statements and immediately contact their credit card holder or banking institution about any inconsistencies or suspicious activity."

BJC has implemented additional security procedures to prevent similar incidents going forward.

More articles on cybersecurity:

The key to developing an incident response plan: Cedars-Sinai CISO Chris Joerg answers 4 Qs on cybersecurity
Vermont community hospital notifies 32,000 after data breach: 4 things to know
Hospitals hit in nationwide bomb threat scam

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months