Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hospital Boosts Security, Issues Notifications After Breach

Cheyenne Regional Medical Center has added security measures and is informing people whose personal information was exposed due to a data breach earlier this year, hospital officials said.

Cheyenne Regional Medical Center has added security measures and is informing people whose personal information was exposed due to a data breach earlier this year, hospital officials said.

The breach was discovered in April but is being publicly disclosed now to inform the community out of “an abundance of caution,” said Jacqueline Van Cleave, the hospital’s director of compliance and privacy.

Van Cleave told The Wyoming Tribune Eagle that a hacker accessed a “limited number” of employee email accounts that contained as many as 16,000 patients’ personal information, including dates of birth and Social Security numbers. The number of patients whose information was exposed is being checked, she said.

It appears that the hacker appeared to be interested in payroll information, and there is no evidence that the exposed patient information has been misused, she said.

The hospital’s review concluded in November, and officials plan to send notification letters to people whose information was in the compromised emails. The hospital is offering them free credit monitoring.

CRMC policies and procedures say that patient information must be securely stored in the hospital’s electronic health records system. But some information can be exchanged via email among staff for administrative purposes.

Since the breach, CRMC has implemented further security measures surrounding internal network applications and is continually reviewing its security process, officials said.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Jill Popelka has been appointed CEO at Darktrace, after serving as COO for three months.

GitHub has appointed Alexis Wales as its new Chief Information Security Officer.

Cybersecurity and intelligence solutions provider Nightwing has appointed Christopher Jones as CTO and CDO.

More People On The Move

Expert Insights