How many victims? About 9,000 patients of Verity Health, which includes six California hospitals, the Verity Medical Foundation and Verity Physician Network.
What type of information? The information dated between 2010 and 2014 included patient names, birth date, medical record numbers, address, email, phone numbers and the last four digits of their credit cards. No Social Security numbers were exposed.
What happened? On January 6 an an unauthorized third party was detected accessing the defunct Verity Medical Foundation-San Jose Medical Group website. The initial investigation found that the access took place some time between October 2015 and January 2017.
What was the response? Verity's IT team secured the unused website to prevent any further incursions. It has also notified those affected by letter.
Quote: “Verity Health System takes the security of our patients' information seriously, and we regret that this incident occurred,” said Andrei Soran, said Verity's chief executive officer. “We took immediate steps to investigate this incident, notify the affected individuals and appropriate authorities, and ensure enhanced protection of our information systems going forward. We are working with a leading cyber-security firm to further evaluate the integrity of our information systems.”
Source: Verity Health System