Hackers breach Ohio hospital's databases, obtain personal information of 240,000

By

An Ohio pediatric hospital is notifying patients and donors - totaling as many as 240,000 people - that their personal information may have been compromised by hackers.


Akron Children's Hospital said in a statement on its website that hackers obtained access to two separate computer databases containing the personal information of donors, hospital patients and their parents and guardians.
One compromised database contained the names, addresses, Social Security numbers and birth dates of patients and parents. An investigation into the matter has found no evidence that any of the information was exposed, according to a hospital statement.
The second breached database contained the financial information - including unencrypted bank account and routing numbers - of hospital donors.
The patient and family database contained the personal information of about 230,000, while the other database contained that of 12,000 donors, according to press reports.
The breach was discovered Sept. 6. The hospital did not notify law enforcement authorities until more than a month later, however, because it employed a consulting firm to investigate.
The investigation found no evidence that the information was downloaded or compromised, but the opportunity to view the data existed, according to the hospital.
"We wanted to understand the full scope of the situation before we notified people. So as soon as we identified the unauthorised entries, we contacted a computer security consulting firm, to begin a forensic investigation to determine the extent of the breach," read a statement form the hospital. "In addition, we needed to consult with the appropriate authorities so we knew exactly what steps we needed to take. We also began the process of establishing an information line and website to help answer questions related to this situation."
Click here to email Frank Washkuch Jr.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise

VicRoads to phase out passwords in favour of passkeys

VicRoads to phase out passwords in favour of passkeys

Service NSW centralises security, networking in mammoth CloudOps overhaul

Service NSW centralises security, networking in mammoth CloudOps overhaul

Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip

Log In

  |  Forgot your password?