Electronic mail Account Breach Affects 4,000 Patients of Texas Health Resources

April 18, 2018

 

Texas Health Resources is sending notices to ‘fewer than 4,000 patients’ that a few of their PHI might have been seen by illegal people.

The Arlington-based healthcare supplier, a supplier to more than 1.7 million patients in North Texas, states that the data breach might have occurred as early as October 2017, even though they did not detect it until January 17, 2018, when police alerted the health system to it. The breach undermined data that was included in electronic mail accounts that the hacker(s) might have been capable to access to for as long as three months.

Law enforcement agencies demanded that there must be a delay in delivering breach notice letters, which would usually have to be delivered within 60 days of the detection of the breach according to HIPAA Laws. HIPAA protected companies are lawfully allowed to postpone the delivering of official notices if law enforcement requests it because of fears that an inquiry might be delayed. It is only lately that law enforcement agencies have given approval for the organization to begin delivering notices. It’s still not known if the law enforcement probe led to anybody arrested in relation to the cyberattack.

Texas Health Resources explained, in the substitute breach notification that was filed, that the occurrence formed part of a larger attack that affected a number of units all over the USA. It is still not known which other healthcare units were also focused by the attacker and for that reason the real extent of the hacking campaign.

After conducting an internal inquiry, Texas Health Resources found that the undermined electronic mail accounts had information including names, insurance information, state ID numbers, drivers’ license numbers, medical record details, Social Security numbers, dates of birth, and clinical data. Most of those impacted had been cured at Texas Health Resources services during 2017.

People whose Social Security details were disclosed have been provided free identity theft and credit checking facilities for 12 months. No formal reports have been submitted to show the information has been abused in any way.

Texas Health invests, on a continuing basis, to improve its safety measures to maintain PHI in a secret way to remove the probability of any future safety occurrences being experienced.