Dive Brief:
- St. Mary's Medical Center, which is part of Ascension Health, is the newest victim of a healthcare cyberattack.
- The hackers stole employee user names and passwords and accessed their e-mail accounts in order to obtain personal data from 4,400 patients, including names, social security numbers, birth dates, insurance information and personal health data. The hospital has since shut down the compromised email accounts.
- This latest incident comes in the wake of the Anthem attack that compromised 80 million individuals, which one expert at Tripwire.com believes may have been caused by a simple login theft.
Dive Insight:
"As an industry we can't ignore this stuff anymore," said Texas Health Resources CISO Ron Mehring at the Healthcare IT News Privacy & Security Forum last week in San Diego. "We've got to pay closer attention to these threats," and we "must prioritize our efforts against them far more than we have done in the past." When speaking to Healthcare IT News about the Anthem data breech, Mac McMillan, CEO of healthcare security and compliance consulting firm CynergisTek, said that for those who don't yet get that healthcare is a target, the breach should serve as yet another wake-up call.