Over 1850 Total Lots Up For Auction at Six Locations - MA 04/30, NJ Cleansweep 05/02, TX 05/03, TX 05/06, NJ 05/08, WA 05/09

Spanish Spanish

Broward Health hacked in October, delayed reveal at DOJ request

by Thomas Dworetzky, Contributing Reporter | January 05, 2022
Cyber Security Health IT
Share
On October 15, 2021, Broward Health network suffered a hack via “the office of a third-party medical provider permitted to access the system to provide healthcare services,” the organization said in a statement released January 3, 2022.

It also stated that the delay in announcing the breach was because, “the DOJ requested that Broward Health briefly delay this notification to ensure that the notification does not compromise the ongoing law enforcement investigation.”

The intrusion was spotted by Broward on October 19, 2021, was contained at that time, and the FBI and DOJ were notified at that point.

Security precautions were put in place that included a password reset for all employees, the hiring of a cybersecurity firm for an investigation, and the onboarding of a data-review specialist to assess the extent of the information theft.

Research revealed that thieves gained access to — and stole — personal medical information including name, date of birth, address, phone number, financial or bank account information, Social Security number, insurance information and account number, medical information including history, condition, treatment and diagnosis, medical record number, driver’s license number, and email address.

Broward did not address the number of people impacted in its release, but in a filing with the Maine attorney general's office, the organization put the total at 1,357,879.

Stating that it “takes the protection of personal and medical information on its network very seriously,” the organization advised that various steps have been taken to prevent a similar attack from taking place. Some of these include the implementation of multifactor authentication for all users of its systems and beefed-up security requirements for devices not managed directly by Broward's IT department that need access to its network.

To date, no misuse of the stolen data has been uncovered, but Broward advised those impacted that it would provide a complimentary two-year membership of Experian’s IdentityWorks, and that they should monitor accounts for unauthorized activities.

Medical facilities have become frequent cybercrime targets. On December 17, Capital Region Medical Center was hit by a brutal cyberattack.

"While our information security team is working diligently to bring our systems back online as quickly, and securely, as possible, nothing is more important to us than the health and safety of our patients and continuing to provide the care our patients expect," Lindsay Huhman, CRMC director of marketing and communications, stated at the time.
Sign up for Health IT stories Sign up for Weekly Top stories

You Must Be Logged In To Post A Comment

Sign up for Weekly Top stories

Sign up for Health IT stories

 

advertisement

Health IT Homepage

Through Edgility acquisition ABOUT aims for end-to-end AI-driven patient flow
Bayer and Google Cloud to accelerate development of AI-powered radiology applications
GE HealthCare closes MIM Software deal
Teleradiology company and CEO admit to unlawful billing, will pay $3.1 million
How Gartner's 2024 cybersecurity trends can guide your cybersecurity efforts
IONIC Health, GE HealthCare announce 510(k)-clearance of nCommand Lite System for multi-vendor, remote imaging
Field service technicians: Unsung heroes in maintaining efficiency and reducing headaches in hospital networks
HHS opens probe into role Change Healthcare may have played in cyberattack
Philips and AWS unveil pathology cloud data storing initiative at HIMSS
PE firm Frazier HealthCare Partners acquires RevSpring from GTCR