On Jan. 12, the Denver-based provider discovered the data breach and began investigating. It hired a firm with expertise in computer forensics to assist in the investigation, secured the employee email account and secured their “entire email environment,” the news release said.
On Feb. 24, the investigation concluded that an unauthorized party accessed two user accounts that had patient information and may have synced the email account to store the data between Jan. 6 and Jan. 17.
Personal information synced onto the hackers’ databases may have included patients’ full names, Social Security numbers, financial accounts and medical treatment information, among other personal information.
In response, CRA is enhancing its protections that are already in place, making changes to how authorized individuals access their accounts, requiring password changes to employee accounts and reminding employees about security awareness.
To read the full notice, click here.
CISO outlines additional cybersecurity challenges of working in a rural hospital
Health data hacking incidents spike 42% during pandemic: report
Hackers steal health data of 50,000 patients from Pace Program claim company
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
