Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hospital Boosts Security, Issues Notifications After Breach

Cheyenne Regional Medical Center has added security measures and is informing people whose personal information was exposed due to a data breach earlier this year, hospital officials said.

Cheyenne Regional Medical Center has added security measures and is informing people whose personal information was exposed due to a data breach earlier this year, hospital officials said.

The breach was discovered in April but is being publicly disclosed now to inform the community out of “an abundance of caution,” said Jacqueline Van Cleave, the hospital’s director of compliance and privacy.

Van Cleave told The Wyoming Tribune Eagle that a hacker accessed a “limited number” of employee email accounts that contained as many as 16,000 patients’ personal information, including dates of birth and Social Security numbers. The number of patients whose information was exposed is being checked, she said.

It appears that the hacker appeared to be interested in payroll information, and there is no evidence that the exposed patient information has been misused, she said.

The hospital’s review concluded in November, and officials plan to send notification letters to people whose information was in the compromised emails. The hospital is offering them free credit monitoring.

CRMC policies and procedures say that patient information must be securely stored in the hospital’s electronic health records system. But some information can be exchanged via email among staff for administrative purposes.

Since the breach, CRMC has implemented further security measures surrounding internal network applications and is continually reviewing its security process, officials said.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...