Sacred Heart patients' billing information hacked

  • March 16, 2015
  • /   Staff Reports
  • /   education
Sacred Heart Health System recently sent letters to approximately 14,000 patients informing them of a hacking attack which targeted one of its third-party billing vendors. Specifically, hackers were able to use a deceptive technique known as a phishing attack to gain access to the e-mail account of an employee of the billing vendor. [sidebar] What is Phishing? Phishing is an attempt by an individual or group to solicit personal or business information from unsuspecting users. Phishing attempts often have the following characteristics: Emails appear to be sent from a legitimate organization or known individual. Messages entice users to click on a link to a fraudulent website or to respond to the email. Messages request personal information such as account usernames, passwords, first/last name, date of birth and credit card numbers. Links provided often install malicious software on the user’s device compromising the email account. [/sidebar] The attack resulted in certain patient health information being compromised which included patient names, date of service, date of birth, diagnosis and procedure, total charges and physician name. Approximately 40 individuals' Social Security numbers were also compromised. The hackers did not gain access to patients’ medical records. Upon receiving notice of the incident on Feb. 2, Sacred Heart, in cooperation with the billing vendor, immediately launched a thorough investigation into the matter. Sacred Heart engaged computer forensics experts who were able to conduct an analysis to help determine the scope of the incident and accurately identify all individuals affected. "We value the privacy and security of patient information, and regret this unfortunate incident," said Genevieve Harper, Privacy Officer for Sacred Heart Health System." "It is our priority to support those who have been affected." "We are taking the necessary and appropriate steps to prevent this type of incident from occurring in the future." Harper said. "Specifically, we are working with our billing vendor to ensure they are continually evaluating and modifying their practices to enhance the security and privacy of all confidential and/or sensitive information in their possession.” Concerned individuals may wish to obtain a free credit report from each of the credit reporting bureaus – Equifax, Experian and TransUnion. The credit bureaus’ information is below: [sidebar] Equifax 800-525-6285 www.equifax.com Experian 888-397-3742 www.experian.com TransUnion 800-680-7289 www.transunion.com [/sidebar] Identity monitoring and protection services will be offered free of charge as appropriate for individuals whose social security number has been affected by the incident. Affected individuals may call 1-877-244-8984, Monday through Friday, 8 a.m. to 6 p.m. with questions.
Back to Blogs

Recent Posts

  1. Charles Marohn CivicCon launches with a look at good growth in cities
  2. baby in a stroller Building stronger brains one baby, one parent at a time
  3. SCI debuts commercial on Early Learning City
  4. Entrecon: World class speakers and an opportunity to sharpen skills
  5. PYP Quality of Life survey 2017
  6. EntreCon Pensacola 2016: A look back
  7. Leadership tip: getting better employee takeaways
  8. Leadership tip: be interested instead of interesting
  9. Leadership tip: delivering difficult messages
  10. Brain Bags boost Arc, Early Childhood Court programs

We use cookies to enhance your experience and improve our services and our website’s functionality. By continuing to use our website, including remaining on the landing page, you consent to our use of cookies.

Your items have been added to the shopping cart. The shopping cart modal has opened and here you can review items in your cart before going to checkout