Malware, Phishing

Phishing attacker gains access to Baystate Medical Center patient records


Baystate Medical Center reportedly suffered a data breach possibly impacting 12,000 patients.

DHS investigates possible vulnerabilities in medical devices, Reuters reports

The Springfield, Mass.-based hospital told patients that between Feb. 7 and March 7, 2018, several employee email accounts were compromised after a worker was victimized by a phishing scheme giving an unauthorized person access to their accounts.

Baystate said the accounts were quickly locked down, but not before certain patient information was exposed. This included patient names and dates of birth, health information (such as diagnoses, treatment information and medications), and in some instances health insurance information, Medicare numbers and Social Security numbers.

Baystate said its medical record database was not accessed and the hospital does not believe the compromised information has been used. "This incident did not affect all Baystate patients, and we have no indication that any patient information was actually acquired or viewed, or that it has been misused," hospital officials said in a release. reported that 12,000 patients were affected.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.