Miracle-Ear and Best Hearing Products are notifying 554 of Best Hearing Products' clients that their personal health information may have been exposed when an unknown and unauthorized intruder gained access to the email account of an employee who provides support to Miracle-Ear Oct. 24, the company confirmed to Becker's Hospital Review.
Miracle-Ear is a franchisor and hearing aid supplier to Best Hearing Products. The affected email account belongs to an employee of Amplifon, the parent company of Miracle-Ear, which provides administrative support to the company.
Once Miracle-Ear learned of the intrusion, it launched an investigation into the incident, which determined the account had an email with an attached spreadsheet containing excerpts of 554 patient records associated with Best Hearing Products' Coon Rapids, Minn., location. The spreadsheet contained clients' names, addresses and contact information, dates of birth, customer numbers, purchase dates, hearing test results and contact preferences. No Social Security numbers or financial information were exposed.
Miracle-Ear took corrective action following its discovery of the incident, which included changing the password to the affected email account, reviewing internal password policies, changing all employee passwords to comply with strong password requirements and educating employees on how to spot suspicious emails. No other accounts were believed to be compromised.
More articles on cybersecurity:
Employee wrongdoing at SSM Health affects 29k patients
Jones Memorial Hospital experiences computer downtime following cyberattack