Boys Town Data Breach Exposed Personal Details Of Patients And Employees

Once again, a medical facility has suffered a security breach. Though it wasn’t as massive as some others reported previously, yet, a cyber attack is always important to pay attention to, regardless of its impact. An Omaha-based research hospital, the Boys Town National Research Hospital, disclosed a security breach, reportedly, the Boys Town data breach explicitly exposed the personal data of its patients as well as employees.

Boys Town Data Breach Happened Through Hacked Email Account

On July 20, 2018, Boys Town National Research Hospital released a media statement regarding a security breach. Reportedly, they suspect exposure of explicit personal details of their patients and employees in the Boys Town data breach. They noticed an unusual activity in an employee’s email account on May 23, 2018, after which, they began investigations. Now, after more than a month, the officials confirm a data breach through this email account.

As explained in the press release,

“The investigation determined that an unknown individual had access to the email account on May 23, 2018.  Boys Town reviewed the email account to identify what personal information was stored within the email account. On or around July 3, 2018, Boys Town confirmed the personal information that may have been accessible as a result of the incident and the identities of the individuals relating to this personal information.”

The breached data may include details of personal information of the patients, their medical history and health records, Employer ID, driver’s license and passport details, as well as financial account numbers.

After confirming the incident, Boys Town began investigations regarding the matter and reported it to the law enforcement agencies. Moreover, they also sent notifications to those affected, offering them a 12-month free identity protection service. However, they have not stated an exact number of affected individuals.

Plus One To The Medical Data Breaches Through Hacked Email Accounts

The details about the breach data are solely based on observations out of an abundance of caution. For now, Boys Town confirms no misuse of breached details.

“To date, Boys Town has not received any reports that personal information has been misused as a result of this incident.”

Data breaches at health and medical facilities are increasing day by day. Since most of the hospitals and research centers are not vigilant about their cybersecurity, the hackers can exploit any minute vulnerability in their systems to access the data. The Boys Town data breach occurred through a hacked email account. This isn’t the first time that a hacked account exposed patients’ information. Last week, we already witness a wave of data breaches at various medical facilities. All security breaches occurred through hacked email accounts and phishing emails.

Certainly, the hospitals’ authorities need to be wary of email scams and hacks to protect their patients’ information. Who knows when slight ignorance could result in a massive data breach such as the one happened at SingHealth.

Let us know what you think in the comments section.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients