Hackers Hijack Health Records of Patients of Seton family of Hospitals

Statesman.com reported on 24th April, 2015 stating that hackers compromised the systems of Seton Family of Hospitals and accessed the information of patients like Social Security numbers, names, addresses, dates of birth, medical information and insurance information.

Seton Family of Hospitals, a division of Seton Healthcare Family (Texas, Austin, US) has sent letters to around 39,000 individuals informing them about the breach.

Hackers were able to gain access to email accounts of employees on 4th December, 2014 through an email phishing attack.

Statesman.com published news on 24th April, 2015 quoting Jesus Garza, President and Chief Executive Officer of Seton Healthcare Family, as saying "Seton is committed to protect the confidentiality and privacy of its employees and patients."

Garza said that the organization is taking suitable action to prevent recurrence including implementing technical, physical and administrative safeguards against any illegal access to protected information and also employees of Seton will be trained properly to protect data.

Seton will provide free identity monitoring and also protection to those who's SSNs (Social Security numbers) has been compromised. Affected persons can call (888) 687-9294 from 8 a.m. to 6 p.m. on weekdays to ask any question.

The first phishing email scam took place at St. Vincent Medical Group (Indiana, US) and it was reported last week (fourth week of April 2015). In this case, around 760 patients might have their PHI publically revealed after an employee's username and password was hijacked and this mishap was identified on 3rd December, 2014 which was just one day prior to the reporting of the Seton phishing scam.

Healthsecurity.com published a statement of the facility on 27th April, 2015 saying "St.Vincent Medical Group sincerely regrets for any inconvenience caused due to this untoward incident and guarantees all its patients that the trusted health-chain is taking suitable action to avoid the recurrence of this type of incident in future.

St. Vincent reported that the information which might have been compromised included names of patients, demographic information like birth dates and phone numbers, social security numbers and account numbers. Clinical details related to services rendered to patients might also have been compromised but the facility noted that individual medical records and billing records were not breached.

» SPAMfighter News - 5/1/2015