A March 19 news release shared with Becker’s said Zion, Ill.-based CTCA Midwestern Regional on Jan. 28 began notifying patients affected by suspicious activity on an employee email account.
CTCA launched an investigation with a forensics firm and concluded it was possible that an unauthorized party gained access to information on the email account between Jan. 12 and Jan. 18.
Information in the email account may have included patient names, medical data and health insurance information. Financial information and Social Security numbers were not involved.
The account holder’s password was changed, and the previous email credentials are no longer usable.
The release advises affected patients to monitor their benefits statements to check for unfamiliar healthcare services and contact their health plan if there is unusual activity.
CTCA said they have implemented additional security measures and are evaluating potential security enhancements. CTCA will continue to educate their employees on cybersecurity threats so this will not happen again, the release said.
Becker’s Hospital Review contacted CTCA, and a spokesperson said they didn’t have anything additional to share.
More articles on cybersecurity:
Healthcare management company pays ransom weeks before cybergang disrupted
Scammers turn to fake vaccine sites to lure phishing victims
Tech misstep exposes 65,000 patient files at Chicago provider
