[BreachExchange] New Mexico hospital alerts 14, 000 patients of data breach

Destry Winant destry at riskbasedsecurity.com
Thu Sep 12 10:14:09 EDT 2019


Artesia (N.M.) General Hospital has notified 13,905 patients of a
recent security incident that may have exposed patient information.

Artesia General Hospital discovered that between June 11-18 an
unauthorized third party had gained access to an employee's email
account. The hacker began sending unauthorized emails from the
employee's account.

The hospital is unaware if the hacker viewed or downloaded any patient
information that was stored in the email account. Artesia General
Hospital said there has been no evidence that patient data has been

Patient data that may have been exposed included names, dates of
birth, medical record or account numbers, health insurance information
and limited treatment and/or clinical information. In some instances,
patients' Social Security numbers were also stored in the compromised
email account.

"To help prevent something like this from happening in the future, we
have reinforced education with our staff regarding how to identify and
avoid suspicious emails and are making additional security
enhancement," the hospital said in a statement.

More information about the BreachExchange mailing list