Cheyenne Regional Medical Center in Wyoming has added security measures and is informing people whose personal information was exposed due to a data breach earlier this year, hospital officials said.
The breach was discovered in April but is being publicly disclosed now to inform the community out of “an abundance of caution,” said Jacqueline Van Cleave, the hospital’s director of compliance and privacy.
Van Cleave told The Wyoming Tribune Eagle that a hacker accessed a “limited number” of employee email accounts that contained as many as 16,000 patients’ personal information, including dates of birth and Social Security numbers. The number of patients whose information was exposed is being checked, she said.
It appears that the hacker appeared to be interested in payroll information, and there is no evidence that the exposed patient information has been misused, she said.
The hospital’s review concluded in November, and officials plan to send notification letters to people whose information was in the compromised emails. The hospital is offering them free credit monitoring.
CRMC policies and procedures say that patient information must be securely stored in the hospital’s electronic health records system. But some information can be exchanged via email among staff for administrative purposes.
Since the breach, CRMC has implemented further security measures surrounding internal network applications and is continually reviewing its security process, officials said.
Topics Cyber
Was this article valuable?
Here are more articles you may enjoy.
Carnival Cruise Passenger Served 14 Shots Awarded $300,000 After Fall Down Stairs 
Mustard Maker Caught Pumping Pollutants Into River for Years and Lying About It 
State Farm Agrees to $15M Settlement for Underpaid Vehicle Claims 
How Niche Insurance Shielded Bad Bunny From Bad Weather 
