Mercy Iowa City email hack exposed info of 60,000 patients: 4 details

A Mercy Iowa City employee email breach this year exposed the information of tens of thousands of patients, according to the Office of the Iowa Attorney General.

Four details:

1. The hospital discovered an employee's email had been hacked and an unauthorized party had gained access from May 15 to June 24. The hacker sent out spam and phishing emails from the employee's account during that time.

2. The compromised email account contained personal health information, including patient names, Social Security numbers, driver's license numbers, birth dates and treatment information.

3. Mercy Iowa City conducted an investigation and determined the breach exposed information of 60,473 people.

4. In a Nov. 13 letter to those affected, the hospital said it is unaware of any fraud or identity theft related to the incident.

More articles on cybersecurity:
Cyberthreat against hospitals 'persistent' with quick activation, feds warn
Texas health system's EHR back online one week after cyberthreat: 3 details
Hartford Healthcare IT shutdown denies patients portal access to coronavirus test results

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers