N.Y. hospital suffered a data breach affecting about 135,000 patients when an unauthorized party gained access to its servers, according to information security training researchers.
St. Peter’s Surgery & Endoscopy Center is reporting the breach was discovered on January, when the servers were found to be penetrated. The hospital does not believe any data was removed or has since been used maliciously. The U.S. Department of Health and Human Services Office of Civil Rights reports that 134,512 individuals could be affected.
As per investigation of information security training analysts, the incident only impacted St. Peter’s Surgery & Endoscopy Center and none of any affiliated practices including St. Peter’s Hospital and Albany Gastroenterology Consultants.
The Center said, “We are committed to providing our patients with the assistance they need to protect themselves moving forward. We are reaching out to provide information and guidance to individuals with information that was contained on the servers in question and offering complimentary credit monitoring and identity theft protection services to patients whose Medicare information was contained on the servers. We are also posting additional information on our website and set up a dedicated call center for patients to ask questions.”
“For patients previously treated at the Center, their information was contained on the server in question and would have included patients’ names, dates of birth, addresses, and dates of service, diagnosis codes, procedure codes, insurance information and, in some instances, Medicare information. For those patients without Medicare, social security numbers were not affected,” the information security training analysts reported. The good news is that banking or payment card information was not involved.