Cyber Security Summary – January 2017

February 9, 2017

CYBER SECURITY (2)

As far as healthcare security is concerned, 2017 is off to a pretty good start. Although there were 24 data breaches that occurred in January, 151,970 records were compromised. Considering the monthly average of records compromised in 2016 was over a million, things are going pretty well! Notable breaches last month included a laptop stolen from a physician’s car, and two system hacks.

Screen Shot 2017-02-09 at 1.12.55 PM

Old Website

A California healthcare system, that includes 6 hospitals, was hacked causing over 10,000 patient’s record to be exposed. In October 2015, an unauthorized user hacked into a website that was no longer in use. The hack was not discovered by authorities until last month when officials were notified. Dates of birth, medical records and phone numbers were among the information stolen. Since the discovery, the health system has taken proper measurements to secure its website and have provided the patients who were affected with free credit monitoring services for a year.

 

Stolen Laptop

A laptop which contained protected health information of over 3,500 patients of a children’s hospital in California, was stolen from a physician’s locked car. The computer, which was stolen in October was password protected but was not “encrypted to current institutional standards”. An investigation was conducted and it is believed that all of the information was erased from device without any patient data being accessed. The hospital is taking extra caution and sending letters to notify the thousands of patients.

 

System Hack

Nearly 5,000 patients were affected when the system of a pain management provider was hacked. The provider has offices in New Jersey, New York, and Pennsylvania that were hurt by the attack. Although the breach was discovered in November, officials are unaware how long hackers had access to information. The investigation revealed that compromised information ranged from social security numbers and Medicare numbers to medical and demographic information. Since the attack, the provider conducted a review of its security processes, which revealed a number of areas that needed improvement. It has since been enhanced to prevent any future attacks.

cyber security recap January 2017 (3)

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram