Texas Health Resources recently filed 15 breach notifications, stemming from a misconfiguration error in its billing system that compromised the data of 82,577 patients.
Texas Health is the largest faith-based health system in the state with hospitals and clinics in 16 counties and serving about 7 million patients each year. Officials filed breach reports for each of its 15 hospitals impacted by the security incident.
Officials first learned about the security incident on August 23. A misconfiguration error allowed patient data to be matched with and sent to the incorrect guarantor for nearly three months between July 19 and September 4.
The IT team immediately took steps to correct the mistake and launched an investigation. Officials determined that some billing information was potentially mailed to the wrong recipients during that timeframe.
The compromised data included names, account numbers, service dates, provider names, insurer details, amounts owed, and for some patients, a brief description of services rendered. No health insurance identification numbers, financial information, or Social Security numbers were breached.
Misconfiguration errors are common in the healthcare sector, with an IntSights report finding that 30 percent of online health databases expose patient data.
To combat this, researchers recommended organizations gain a better sense of the digital assets found on their servers and potential vulnerabilities. Multi-factor authentication can also bolster web-based apps, as can tighter access controls on resources, such as limiting the number of credentials to each database.
Maine’s InterMed and Sweetser Report Employee Email Compromises
About 30,000 patients of Maine-based InterMed are receiving notification that their personal and health information was potentially breached due to an employee email compromise.
InterMed discovered an employee email account was accessed by an unauthorized party on September 6. An investigation revealed the incident began two days earlier, and three additional employees had also been hacked between September 7 and September 10. Upon discovery, the accounts were secured.
The hacker potentially had access to email messages and attachments, which included some patient data, such as names, health insurance information, clinical data, and dates of birth. For 155 patients, Social Security numbers were breached. Those patients will receive a year of free credit monitoring and identity theft protection services.
The security incident was contained to the email system. Officials said they could not determine if the emails were actually accessed by the attacker. InterMed has since enhanced its email best practices and bolstered its security.
Maine’s Sweetser also reported an email-related breach this week, impacting 22,000 patients. However, the breach occurred in June, and officials did not determine that patient data was involved until five months later.
Suspicious activity was discovered on one employee account on June 24, and officials launched an investigation with assistance from a third-party forensics team. They determined several employee email accounts were also accessed between June 18 and June 27.
In September, they were notified that the compromised accounts contained a wide range of patient data that varied by patient, such as names, contact details, Social Security numbers, Medicare or Medicaid data, driver’s licenses, identification numbers, diagnosis codes, treatments, payment and claims data, and medical conditions.
Those patients whose Social Security numbers were compromised will receive a year of free credit monitoring and identity theft services.
These Maine providers join a growing list of healthcare organizations reporting email-related breaches in the last year. Business email compromise attempts doubled in the last year, according to the Treasury Department, with the healthcare sector seeing a rapid increase in these targeted attacks.