Montana hospital employee's email hacked while traveling, 8.4K patients' data stolen

Julie Spitzer - Print  | 

The email account of a Billings (Mont.) Clinic employee was hacked while they were on an overseas medical mission in May, potentially compromising 8,400 patients' information.

The incident did not involve patients' Social Security numbers, banking, credit card or insurance information. Billings Clinic's financial and EHR systems were not compromised.

Upon discovering the incident, Billings Clinic immediately disabled access to the account and launched an investigation. Hospital officials also moved to enhance the security of the clinic's email system.

The investigation revealed the hacker only obtained access to messages and attachments within the individual's email account. Much of the compromised information was used for appointment scheduling between 2008 and 2011.  

"Unfortunately, healthcare organizations across the nation are under constant attack by cyber criminals. We take the protection of our patients' data very seriously," Billings Clinic CIO Randy Thompson, MD, said in an emailed statement to Becker's Hospital Review. "We are continuously enhancing our cybersecurity capabilities as these attacks become more prolific."

More articles on cybersecurity:

Texas physician group notifies 18K of data breach after email hack
Tennessee health department exposes patient HIV statuses for 9 months
Healthcare is No. 3 fastest industry to fix vulnerabilities once discovered

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.