Application security, Breach, Threat Management, Data Security

Compromised email account leads to Saint Francis Ministries data breach

An unauthorized party gained entry into an an employee's email account at Saint Francis Ministries, accessing sensitive personal identifying information, as well as financial and protected health data.

In an online notification and corresponding press release, the Salina, Kan.-based non-profit organization said the actor accessed the account between Dec. 13 and 20 of 2019. Saint Francis first noticed the anomalous activity on Dec. 19, confirmed the illegal access on Feb. 12 and determined on March 24 that data belonging to multiple individuals was exposed.

Affected information includes social security numbers, birth dates, driver's licenses and state IDs, bank and financial account numbers, payment card numbers, treatment and diagnosis information, prescription information, provider names, medical record numbers and patient IDs, Medicare and Medicaid numbers, health insurance information, treatment cost information, and credentials (usernames and passwords).

SC Media contacted Saint Francis for clarification on whether the exposed data belongs to recipients of its services, employees of the organization, or both. Morgan Rothenberger, director of marketing and communications, replied, "We are still in the process of determining the relationships affected individuals have to Saint Francis Ministries. We will notify affected individuals on a rolling basis and as required by the applicable notification statutes. "

Saint Francis asserts that it is "unaware of any actual or attempted misuse of any personal or protected health information relating to this incident." The organization said that this week it will mail notices to impacted individuals, warning them to review account statements, credit reports and explanation of benefits forms for suspicious red flags, and to watch out for identity theft and fraud schemes. It will also offer recipients 12 months of free credit monitoring and/or identity theft restoration services.

"While we have security measures in place to protect information in our care, we are also taking steps to implement additional safeguards and review policies and procedures in order to protect the security of information on our systems," Saint Francis said in its online statement. "Specifically, Saint Francis immediately changed the credentials for the email account once it detected the suspicious behavior.

Saint Francis offers services related to adoption, foster care, behavioral health, migrant and refugee initiatives, and more. It has locations based in Arkansas, Kansas, Mississippi, Nebraska, Oklahoma, Texas and Central America.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.