Cyber Attack That Occurred in 2016 was Just Discovered, leaving 500,000 Patients Affected
LifeBridge Health located in Baltimore, Maryland, was the victim of a malware attack on September 27, 2016. However, what is most concerning is, the attack was not identified until March 17, 2018.
In March of 2018 hospital officials became aware there was a malicious attack that had infected multiple systems. The networks impacted included the ambulatory electronic health records, patient registration, and billing systems that a contracted vendor was hosting. After a complete forensic analysis was completed, it was determined the malicious attack originated in 2016, when an unauthorized person accessed the system.
Approximately 500,000 patient records were compromised. The information leaked included social security numbers, patient names, addresses, birth dates, medical diagnosis, medications, insurance information, and clinical and treatment information. The Baltimore medical facility is working diligently to notify all impacted patients and is offering a free year of credit reporting services to patients whose social security number was breached.
At this time, LifeBridge Health does not believe any of the personal data exposed has been used maliciously.
Impacted patients are also encouraged to review billing statements and explanation of benefits. If services are shown that were not rendered, the patients are urged to contact their providers immediately.