How many victims? 18,470 patients
What type of information? Patient names birthdates, medical record numbers, provider names, dates of service, department names, locations, medical conditions and health insurers were compromised in the incident.
What happened? On Oct. 3, 2017, officials learned someone gained access to or stole the email credentials of a group of employees. These credentials enabled access to employee's emails which contained the patient health information.
What is the response? The company said it is strengthening its security protections for employees and that employees will be educated in the coming weeks on best practices. The hospital is also expediting its initiatives around email retention and multi-factor authentication in an attempt to decrease future risks to patients and employees.
Quote: "We are very sorry this happened,” the firm said in a statement. “We take very seriously any misuse of patient information, and we are continuing our own internal investigation to determine how this happened and to ensure no other patients are impacted.”