[BreachExchange] Data Breach at Illinois Healthcare System

[Destry Winant]

https://www.infosecurity-magazine.com/news/data-breach-at-illinois-healthcare/

Illinois healthcare system FHN has notified patients of a data breach
that took place in February.

An investigation was launched by the Freeport-based healthcare
provider after it transpired that the email accounts of a number of
employees had been compromised.

According to a notice issued by FHN, the alarm was raised when
suspicious activity was spotted within the compromised email accounts.
FHN responded by securing the accounts and hiring a "leading computer
forensic firm" to determine what had occurred.

The investigation into the incident concluded on April 30 and
determined that an unauthorized person accessed the accounts between
February 12 and February 13.

FHN stated: "The investigation was unable to determine whether the
unauthorized person actually viewed any emails or attachments in the
accounts. Out of an abundance of caution, we reviewed the emails and
attachments contained in the email accounts to identify patient
information that may have been accessible to the unauthorized person."

After reviewing the emails and attachments that were compromised in
the incident, FHN found that sensitive data belonging to some patients
had been accessible to the unauthorized third party.

Information exposed in the data breach included some patients’ names,
dates of birth, medical record or patient account numbers, health
insurance information, and limited treatment and/or clinical
information, such as provider names, diagnoses, and medication
information.

In some instances, patients’ health insurance information and/or
Social Security numbers were also identified in the compromised email
accounts.

"This incident did not affect all FHN patients, but only those
patients whose information was contained in the affected email
accounts," stated FHN.

FHN is offering complimentary credit monitoring and identity
protection services to those patients whose Social Security numbers
and/or drivers’ license numbers were exposed in the incident.

FHN announced on July 31 that patients had been notified of the data
breach. The company said it was taking steps to prevent future
cyber-incidents.

"To help prevent something like this from happening in the future, we
have reinforced education with our staff regarding how to identify and
avoid suspicious emails and are making additional security
enhancements to our email environment, including enabling multi-factor
authentication," stated FHN.