Breaching Incident Impacts Almost 280,000 Medicaid Patients

The record folders of a University Center that contained Medicaid billing data was breached by cyber criminals.

The breaching incident was reported by the Oklahoma State University Center for Health Sciences on Jan. 5 to the U.S. Department of Health and Human Services as an impact on the network server causing to affect a massive 279,865 individuals.

The breached folders contained the patients information including their names, Medicaid numbers, names of the provider, service dates and information regarding the treatments. Social Security numbers for some patients were also present in the records.

OSU CHS launched an investigation and hired an outside security firm to determine whether the folders were compromised. Officials couldn’t rule out third-party access.

A notification letter was sent by the OSU CHS to the affected individuals indicating that the incident was discovered almost two months prior.

According to the notification, an unofficial third party gained unauthorized access in November 2017 to folders containing billing information on Medicaid patients in OSU CHS computer network.

The authorities were quick in removing the folders from the servers and terminating third party access.

An independent data security firm had been hired to investigate the matter and had also assisted the OSU CHS to determine whether the folders were compromised.

As per latest reports, the data is safe as the breached folders did not contain it.

The OSU CHS data breach incident is not the largest medical data breach reported, but is among the top 5 health data breaches that have occurred in the year.

According to the HHS HIPAA Breach Reporting Tool website, also known as the ‘Wall of Shame’, the OSU CHS incident ranks as the fourth largest data breach that occurred in recent times, with Commonwealth Health Corp. on the top spot with 697,800 affected individuals.

OSU CHS have established a dedicated call center to respond to the this medical data breach impacted patients.

Related posts

Vulnerabilities In Cinterion Cellular Modems Threatened IoT And Industrial Devices

Google Admits Active Exploitation For Chrome Browser Zero-Day

Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence