Illinois healthcare system FHN has notified patients of a data breach that took place in February.
An investigation was launched by the Freeport-based healthcare provider after it transpired that the email accounts of a number of employees had been compromised.
According to a notice issued by FHN, the alarm was raised when suspicious activity was spotted within the compromised email accounts. FHN responded by securing the accounts and hiring a “leading computer forensic firm” to determine what had occurred.
The investigation into the incident concluded on April 30 and determined that an unauthorized person accessed the accounts between February 12 and February 13.
FHN stated: “The investigation was unable to determine whether the unauthorized person actually viewed any emails or attachments in the accounts. Out of an abundance of caution, we reviewed the emails and attachments contained in the email accounts to identify patient information that may have been accessible to the unauthorized person.”
After reviewing the emails and attachments that were compromised in the incident, FHN found that sensitive data belonging to some patients had been accessible to the unauthorized third party.
Information exposed in the data breach included some patients’ names, dates of birth, medical record or patient account numbers, health insurance information, and limited treatment and/or clinical information, such as provider names, diagnoses, and medication information.
In some instances, patients’ health insurance information and/or Social Security numbers were also identified in the compromised email accounts.
Source: InfoSecurity Magazine