An email security breach at LSU Health University Medical Center-New Orleans led to the probable exposure of the protected health information (PHI) of some patients.
LSU Health New Orleans Health Care Services Division earlier announced on November 20, 2020 that it has encountered a security breach through an employee’s email account in September 2020. Back then, it seemed the breach just affected selected patients who had gotten health care services from these healthcare providers: the former Earl K. Long Medical Center in Baton Rouge; Leonard J. Chabert Medical Center in Houma; W O Moss Regional Medical Center In Lake Charles; and Lallie Kemp Regional Medical Center In Independence; University Medical Center in Lafayette; Interim Lsu Hospital In New Orleans or Bogalusa Medical Center In Bogalusa.
LSU Health’s present investigation showed that the information of a number of patients of its partner hospital, University Medical Center-New Orleans, was likewise saved in the breached email account.
The breach took place on September 15, 2020 and LSU Health identified it on September 18. Though an unauthorized person accessed the email account, there is no distinct proof obtained concerning the misuse or access of PHI.
The breach affected different types of data, which may have included patients’ names, addresses, telephone numbers, account numbers, medical record numbers, Social Security numbers, birth dates, dates of service, types of services gotten, and medical insurance details. The bank account number and health information of a small number of patients might also have been compromised.
Beebe Medical Foundation Impacted by Blackbaud Ransomware Attack
Beebe Medical Foundation located in Lewes, DE has reported that it was impacted by the Blackbaud ransomware attack. Beebe Medical Foundation revealed in a breach notice on December 28, 2020 that it got a notice from Blackbaud last July 16, 2020 concerning the ransomware attack that affected Blackbaud’s systems between February 7, 2020 and May 20, 2020.
It merely became evident that Beebe records were affected last November 2020. After carrying out a review of the actual information concerned, Beebe affirmed on December 2, 2020 that the hackers gained access to the personal data of 56,953 persons. The stolen records included names, dates of birth; specialist names; dates of testing; consultation dates; and the department corresponding to healthcare services given.
Blackbaud made ransom payment to the attackers and got assurances that the stolen files have now been erased; nonetheless, as a safety measure, Beebe is giving breach notifications to impacted people.