UnityPoint Security Breach Puts Records of 1, 800 Patients at Risk

[InfoSec News <alerts () infosecnews org>]

http://www.kcrg.com/news/local/UnityPoint-Security-Breach-Puts-Records-of-1800-Patients-at-Risk-226237711.html

By Erin Jordan
Reporter
KCRG.com
Oct 2, 2013

CEDAR RAPIDS, Iowa - Personal information of 1,800 UnityPoint Health 
patients, including about 350 patients in the Cedar Rapids area, may be at 
risk following a security breach in the network’s electronic medical 
record.

Hospital employees discovered the breach Aug. 8 during a regular security 
audit, UnityPoint Spokeswoman Laura Sinnard said. They traced the breach 
back to an authorized user who gave the log-in and password information to 
someone else, who tapped into the records with high enough frequency to 
raise red flags during the audit, Sinnard said.

UnityPoint forced a password reset and reported the breach to the FBI, 
which is investigating.

Information that may have been accessed for affected patients includes 
names, home addresses, dates of birth, Social Security Numbers, medical 
account numbers, health insurance account numbers and Driver’s License 
Numbers, health information about patient treatment, and information about 
the patient’s financially-responsible party.

The unauthorized access occurred from February through August for patients 
across the state.

[...]

--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/