Thursday, January 19, 2017

Cyberattack: Virginia-based Sentara Healthcare informs patients after vendor is hacked

A third-party vendor serving Virginia-based Sentara Healthcare faced a cyberattack, resulting in the twelve-hospital delivery system sending breach notification letters to almost 5,454 affected sufferers.

Law enforcement notified Virginia-based Sentara Healthcare of the breach on the day of Nov. 17, 2016, and a Sentara investigation highlighted the vendor, which it declined to recognize in its announcement, as the target. Healthcare agencies mostly learn of cyberattacks as police in the course of investigating a tragedy find other facilities that also were affected. Police, Sentara and the vendor sustain to investigate the tragedy, in accordance to the notification letter.

The vendor doesn’t give direct care to patients, in accordance to a Sentara spokesperson; it gives information reporting and data benchmarking services. With the investigation ongoing, the agency won’t provide extra information about the vendor or its current relationship with the vendor.

The compromised sufferer information “relates to vascular and/or thoracic processes that took place between the time period of 2012 and 2015 at a Sentara hospital in Virginia, and was inappropriately accessed,” the agency has informed patients.

Data at risk involves sufferer names, dates of birth, Social Security numbers, medical record numbers, procedures, demographic data and medications.

Affected people are being offered one year of credit monitoring and recognize theft protection in the ProtectMyID Alert service of Experian. The vendor, in accordance to Sentara, is enhancing its security posture.

 

No comments:

Post a Comment