August 3, 2018
Another day, another data breach!
This time-sensitive and private data of hundreds of thousands of individuals at Boys Town National Research Hospital have been revealed in what seems to be the biggest ever informed breach by a pediatric treatment provider or kids’ hospital.
As per the U.S. Division of Health and Human Services Office for Civil Rights, the breach occurrence affected 105,309 people, including patients and workers, at the Omaha-based medical company.
In a “Notice of Data Safety Occurrence” distributed on its website, the Boys Town National Research Hospital confessed that the company became conscious of an unusual behavior concerning one of its workers’ electronic mail account on May 23, 2018.
After starting a legal inquiry, the hospital noticed that an unidentified hacker succeeded to penetrate into the worker’s electronic mail account and thieved private information saved within the electronic mail account as a consequence of illegal access.
The hacker retrieved the private and medical data of over 100,000 patients and workers, including:
- Social Security number
- Medicare or Medicaid identification number
- Billing/claims information
- Disability code
- Employer Identification Number
- Passport information
- Username and password
- Diagnosis or treatment information
- Health insurance information
- Driver’s license number
- Date of birth
- Birth or marriage certificate information
- Medical record number
- Banking or financial account number
With this wide-ranging information in hand, it is most likely that hackers are already vending private information of sufferers on the dark web or trying to carry out more harm to them, specifically child patients at the hospital.
Nevertheless, The Boys Town National Research Hospital states it hasn’t obtained any reports of the abuse of the thieved information thus far.
The hospital has also informed the occurrence to law enforcement and is informing state and federal officials, together with possibly affected people. Boys Town has also vowed to offer affected people access to 12 months of free identity security facilities.
Boys Town hospital is also revising its current plans and processes and is applying some additional safety measures to protect its users’ information saved in its systems.
Nevertheless, sufferers are highly recommended to check their accounts for any fake deal and must consider placing a credit stop request.