Over 100 Total Lots Up For Auction at One Location - CA 12/04

LSU Medical Center email breach potentially exposes data on thousands of patients

by John R. Fischer, Senior Reporter | December 01, 2020
Cyber Security Health IT
The breach of an LSU medical centers employee's email account may have exposed the information of thousands of patients
A breach of an employee’s email account in November has potentially exposed the information of thousands of patients at Louisiana State University medical centers.

The hack possibly affects patients cared for at Lallie Kemp Regional Medical Center, Leonard J. Chabert Medical Center, W.O. Moss Regional Medical Center, the former Earl K. Long Medical Center, Bogalusa Medical Center, University Medical Center, and Interim LSU Hospital, according to WAFB9 News.

LSU Health says that “it is possible that this information was accessible” but maintains that it is not aware “that the intruder accessed or misused” any information within the electronic mailbox. "When the intrusion was discovered, the LSU Health Care services division’s compliance and privacy department began the difficult and laborious process of identifying any patients whose information may have been compromised. While the exhaustive investigation has found thousands of patients, work continues to discover any others."
DOTmed text ad

Reveal 35C: spectral bedside imaging, no extra dose, now available in the EU

KA Imaging’s Reveal 35C detector, currently available as an upgrade solution in the US and selected geographies, can now be sold in the European Union. The detector recently obtained the CE Mark. Contact us at sales@kaimaging.com to book a free demo.

The breach was discovered on September 18, with the mailbox disabled the same day.

The type and amount of information varied by care location, and each email message but may have included patients’ names, medical record numbers, account numbers, date of birth, social security number, dates of service, types of services received, phone numbers, and/or addresses, and insurance identification numbers. A few messages contained a patient’s bank account number and health information, including a diagnosis.

Those who received care at any of these facilities are encouraged to monitor their credit reports for potential identity theft. LSU is currently investigating the matter and reviewing its security practices to see if they can be improved to further reduce the risk of a breach in the future. Any changes will be incorporated into information security training required for all employees.

You Must Be Logged In To Post A Comment