Hartford HealthCare Hit by Valentine's Day Data Breach

A US healthcare provider that serves 185 towns in Connecticut and Rhode Island has issued a data breach notification. 

Hartford HealthCare released a statement on April 13 warning patients about a cybersecurity incident that took place between February 13 and Valentine's Day (February 14) this year. 

According to the notification, attackers gained access to patients' personal information after compromising email accounts belonging to two of Hartford HealthCare's more than 30,000 employees.

After suspicious activity was observed in the targeted email accounts, Hartford HealthCare "immediately took steps to secure the accounts" and engaged a technology forensics firm to investigate the attack. 

The healthcare provider said that up to 2,651 individual patients may have been affected by the incident. Information that malicious hackers got their hands on included patient names, dates of birth, clinical information, and health insurance information. 

For 23 individuals, an insurance account number that includes their Social Security number was illegally accessed. And, for an undisclosed number of patients, personal financial information was involved.

A spokesperson for Hartford HealthCare said: "For nearly all of the affected individuals, the information did not include any personal financial information, such as Social Security number or credit card information."

The organization said that it had found no evidence that any of the information that had been accessed in the incident had been misused. 

"The investigation determined that an unauthorized person gained access to two employees’ email accounts between February 13, 2020, and February 14, 2020," said a spokesperson for Hartford Healthcare ..

Support the originator by clicking the read the rest link below.