Breach Notification
,
Healthcare
,
Industry Specific
Hacking Incident Affects Patients Who Received Care Over a 10 Year Period
A rural Utah healthcare provider is notifying more than one hundred thousand individuals of a hacking incident involving health information of individuals that received care for over a decade-long period.
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
Uintah Basin Healthcare began notifying patients Wednesday that in November it detected “unusual activity” on its network.
As a result, hackers may have accessed or stolen patient data of 103,974 patients who received care between March 2012 and last November.
Healthcare center spokeswoman Maigen Zobell told Information Security Media Group that “there is no evidence to suggest misuse or attempted misuse of personal or protected health information.”
Affected information includes clinical information including diagnoses, medications and test results. The center’s flagship facility is a 42 bed hospital located in Roosevelt, a city of less than 10,000 residents in eastern Utah.
The November incident caused the healthcare center to take systems offline. It initially reported that the incident affected its phone system and network connectivity.
The healthcare center has since mandated a global password reset and deployed an endpoint detection and response tool.