10,000 patients impacted due to data breach in Massachusetts General Hospital

Massachusetts General Hospital (MGH) announced on Thursday (i.e. on August 22, 2019) that around 10,000 people's private information got revealed as a result of a data breach in their neurology department.

On Jun. 24, 2019, the MGH discovered that a hacker has gained access to the databases used for the research purposes. The officials said that an investigation was launched immediately, which confirmed that two computer applications that were used by the researchers in their Department of Neurology, were subjected to unauthorized access for almost a week (i.e. in between Jun. 10 and Jun. 16, 2019).

As a result, the unauthorized individual was having access to data related to the neurology research that was conducted by MGH. The kinds of information in compromised databases vary by patient to patient. The breached data contains sensitive information like patient names, date of birth, age, marital status, ethnicity, sex, race, dates of the study visits along with tests, diagnoses, treatment information, medical record numbers, genetic data, biomarkers, type of study along with the research study identification numbers, types of assessments along with results, and various other research information like autopsy results details and date of death.

No highly sensitive information, like Social Security numbers, health insurance data, contact details such as phone numbers or addresses, and financial information, was compromised during this security incident. The medical records systems of MGH were not affected by this breach.

"As soon as MGH discovered this incident, it took steps to prevent further unauthorized access and restore the affected research computer applications and databases. MGH also engaged a third-party forensic investigator to conduct a review and has contacted federal law enforcement as a precaution," said the hospital in a statement. The officials said that they are continuing to review as well as enhance the security processes around the research programs.

MGH is contacting the affected individuals so as to inform them about the privacy breach. However, based on findings of investigation as well as the nature of information exposed, the MGH does not think that the affected individuals have to take any kind of steps for protecting their identities. The hospital has further provided the toll-free number (i.e. 866-904-6219) for those who are looking for any additional details.

» SPAMfighter News - 9/5/2019