Kansas' Lawrence Memorial Reports Patients' Credit Card Info Publicly Exposed

Personal and financial information of an undisclosed number of Lawrence (Kan.) Memorial Hospital patients was publicly available due to an online bill-pay website security error, according to a hospital news release.

The hospital's vendor for online patient bill-pay services — Mid Continent Credit Services, d/b/a Blue Sky Credit — ran its services on a website hosted by BrickWire. The information was inadvertently made public from Sept. 20-Oct. 28 because of "failed security measures" on the BrickWire website, according to the release.

Depending on what information was entered into the online payment system, the exposed information could include patients' names; phone numbers; e-mail addresses; healthcare providers; payment amounts; dates of payment; credit card information, including type of card, name and address of card holder, account number, verification number and expiration date; or checking account information, including check number, account holder name and address, account number, bank routing number and the bank name and address.

Mid Continent Credit Services is offering a free one-year credit monitoring subscription to affected individuals.

Related Articles on Data Breaches:

Hard Drive with Information on More Than 16k UCLA Patients Stolen in Home Burglary
Data Breach at High Point Health System in N.C. Affects Nearly 50 Patients

9 Patients' Identities Stolen in Emory Healthcare Data Breach

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months