The info of hundreds of patients has been uncovered adhering to a cyber-attack on Louisiana Point out University health-related facilities.
LSU Well being New Orleans issued a HIPAA breach notification on November 20 right after detecting a cyber-intrusion into an employee’s electronic mailbox.
“The intrusion appears to have transpired on September 15, 2020, and the mailbox entry was found and disabled on September 18, 2020,” explained LSU Wellness.
Email messages or attachments in the compromised account contained restricted information and facts about individuals who been given treatment at Lallie Kemp Regional Medical Centre in Independence Leonard J. Chabert Health care Heart in Houma W. O. Moss Regional Professional medical Centre in Lake Charles the former Earl K. Prolonged Health care Middle in Baton Rouge Bogalusa Medical Middle in Bogalusa College Health care Centre in Lafayette and Interim LSU Healthcare facility in New Orleans.
Details exposed in the attack may possibly have involved patients’ names, health-related file numbers, account quantities, dates of beginning, Social Security numbers, dates of service, styles of services acquired, phone figures and/or addresses, and insurance coverage identification quantities.
The variety and total of patient information and facts compromised in the incident various by locale of care and just about every email information. LSU stated that “a several” email messages “contained a patient’s bank account quantity and health information and facts like a diagnosis.”
LSU Wellbeing mentioned that while “it is feasible that this data was obtainable,” the Wellbeing Treatment Providers Division “is not informed that the intruder truly accessed or misused the affected person information and facts in the employee’s mailbox.”
A closing tally has not but been attained of the whole amount of individuals who may have been impacted by the incident.
“When the intrusion was uncovered, the LSU Health Care Providers Division’s Compliance and Privacy Section began the complicated and laborious course of action of pinpointing any people whose info might have been compromised,” claimed LSU Overall health.
“Even though the exhaustive investigation has observed thousands of individuals, get the job done continues to explore any other folks.”
LSU has inspired all the sufferers who may well have been influenced to keep an eye on their credit rating studies for possible identification theft.
The healthcare provider said that “stringent privacy and security procedures” that have been in spot at the time of the intrusion would now be reviewed to establish if advancements can be made.