Medical College of Wisconsin breach affects 3,200 patients

Medical College of Wisconsin in Milwaukee has notified patients of a security incident after an unauthorized third party accessed an employee's email account.

MCW noticed unusual activity associated with the email account July 5. A forensic investigation revealed an unauthorized party had accessed the employee's email account between July 2 and July 4. The unauthorized email access did not affect the security of other email accounts, networks or servers linked to MCW, according to the organization's notification.

The affected email account contained patient names, birth dates, home addresses, medical record numbers, and codes and notes related to diagnoses and provided treatments. Two patients' Social Security numbers were included. However, no insurance, credit card, banking or financial information was within the email account.

There have been no indications any of the information has been used for fraudulent or harmful purposes, and there is no forensic evidence any personal or health information was actually acquired or viewed, according to MCW.

"MCW is committed to safeguarding the privacy of patients' healthcare information and has taken steps to minimize the risk of a similar incident in the future, including ongoing updates to its system security and firewalls and conducting security awareness and training reminders for all workforce members on how to effectively protect private patient information," according to the notification.

More articles on data breaches:

3 tips on how not to pay a ransom
Data breach affects 68M Dropbox users
Feds investigate computer virus at ARH hospitals

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months