Carle Foundation Hospital Hit With Data Breach Compromising Patient Information


This incident has impacted only certain patients who received cardiology or surgery services at Carle Foundation Hospital.
The compromised email accounts contained patient information such as names, medical record numbers, dates of birth, and clinical information such as diagnosis and treatment plan.

The intrigue


Carle Foundation Hospital in Urbana, Illinois, suffered a data breach incident after an unauthorized third-party gained access to three employees’ email accounts.


Behind the scenes


Unauthorized third-parties gained access to employees’ email accounts after three Carle physicians fell victim to a phishing attack. Upon learning this, Carle immediately secured the compromised email accounts.


The healthcare organization hired a leading cybersecurity firm and launched an investigation to determine what information may have been impacted.


The impact


This incident has impacted only certain patients who received cardiology or surgery services at Carle Foundation Hospital.


The compromised email accounts contained patient information such as names, medical record numbers, dates of birth, and clinical information such as diagnosis and treatment plan.
However, no Social Security numbers or financial information were not contained in the physicians’ email accounts.

“We have no indication the unauthorized person used patient information in any way or viewed the emails containing patient information,” Carle said in a press release.




Support the originator by clicking the read the rest link below.