Four details:
1. The former employee and a vendor accessed patient names, medical record numbers and surgical dates as part of a scheme to bill the hospital for unused surgical products, the health system said. The breach was between January 2018 and July 2020 and affected about 4,000 patients.
2. Montefiore is notifying patients whose information was breached. The incident is still under investigation. The former employee has died.
3. Patient Social Security numbers and financial information were not breached. The investigation has not found evidence that insurance companies were improperly billed.
4. The vendor involved in the breach was banned from the hospital’s campus.
More articles on cybersecurity:
Colorado health provider alerts 295,617 patients of data breach
Nearly 1M health records breached in November
California medical center server issue exposed patient data for 4.5 years
