The hospital said March 26 that Healthgrades alerted it of the breach on Jan. 29. Healthgrades previously provided Lexington Medical Center with IT support and help educating patients and the community about the services the hospital offers, according to LMC’s news release.
An unauthorized individual gained access to one of Healthgrades’ archived servers between Oct.r 16, 2020, and Oct. 28, 2020. The server contained LMC patient information in some backup files from the time Healthgrades provided services to the hospital. The files involved in the breach included data from mid-2010 to mid-2011, and information exposed varied by patient but included names, addresses, LMC medical record numbers, Social Security numbers and health insurance details.
LMC said that it has not received any indication that patient information involved in the breach has been misused and confirmed that no more patient data is being stored on Healthgrades’ systems. Any patients whose information was exposed by the incident are being offered free credit and identity monitoring services.
More articles on cybersecurity:
American Hospital Association selects preferred cybersecurity vendor: 5 details
How COVID-19 drove telehealth adoption: 8 key study findings
University of Miami Health patient info compromised in ransomware attack