Chicago’s South Shore Hospital has detected suspicious activity on its network on December 10, 2021. Their cybersecurity team notified that hackers stole the PHI (protected health information) of 115,670 patients. Consequently, they implemented emergency protocols for better protection. The prompt actions made the data of their patients safe again.
The third-party computer forensics experts were engaged in South Shore Hospitals’ investigation of a data breach. They determined what type of information was accessed. The results confirmed that the hackers stole the PHI and employees’ data by gaining access to files on the hospital network. In general, the information included full names, dates of birth, addresses, Social Security numbers, medical information, and health insurance documents.
South Shore Hospital will protect the affected individuals with a $1 million identity theft reimbursement insurance policy. They will also have access to identity theft recovery services. The hospital workers have started to provide their patients with information about data protection. In addition, it is possible to use the CyberScan monitoring service and sign up for a 12-month complimentary membership to IDX’s credit.
The leads of South Shore Hospital announced the implementation of additional cybersecurity measures. They will introduce multifactor authentication and stronger password policies for network protection against attacks. The workforce should take training on data privacy and security. There also will be additional anti-malware and anti-phishing tools.
Spencer Gifts Health Also Reports the PHI Breach
Spencer Gifts has discovered a significant HIPAA violation. At the end of 2021, unauthorized individuals gained access to its network. They might view or obtain the files of health and welfare benefits plans as well as protected health information of 10,023 members. On November 25, 2021, the experts detected a cyberattack and eliminated it the following day.
The investigation confirmed an explosion of names, Social Security numbers, and plan selection information. Affected individuals started receiving notification letters on January 24, 2022. Then they got complimentary identity theft monitoring services. Spencer Gifts promised to implement policies and procedures for stronger cybersecurity.
