OH Muhlenberg, LLC recently suffered a keystroke logger cyberattack, which lead to a health data breach. Affected information includes patient names, addresses, telephone numbers, dates of birth, Social Security numbers, driver’s license/state identification numbers, health plan information, financial account numbers, payment card information, and employment information.
After the FBI notification, hospital conducted a large-scale investigation. OH Muhlenberg found that
Hospital suffers data breach
a malicious software, called keystroke logging, had been installed on several of the hospital’s computers.
The health data breach also affected hospital employees and contractors which includes providers who worked in OH Muhlenberg. Exposed information for them includes credentialing information, Drug Enforcement Administration numbers, National Provider Identifiers, and state license numbers.
According to the hospital, it is not possible to know which patients have been affected by this security breach.
“Unfortunately, we cannot determine the type of information that may have been accessed during the incident because it is impossible to determine exactly what information was inputted into the infected computers,” OH Muhlenberg wrote in a frequently asked questions document regarding the breach.
OH Muhlenberg expressed regret for this situation. Statement also mentioned its commitment to protect sensitive patient information.
“The Hospital is committed to maintaining the privacy of its patients, employees, and providers, and takes precautions for the security of personal and medical information,” said thehospital’s director of privacy and security DeAnn Tucker, RHIA, CHPS, CCS. “We sincerely regret any inconvenience this incident presents to you.”
Get your personal as well as office laptops encrypted by Alertsec
Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.
Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.