The Institute for Women’s Health, with eight care supply websites in San Antonio, Texas, on July 6 found a keylogger virus on its pc community.
The supplier group now has accomplished the affected person notification course of and reported the data breach to the Office for Civil Rights for the Department of Health and Human Services and the FBI.
An investigation discovered the virus was put in on July 5. A keylogger virus, also called spy ware, logs keys struck on a keyboard in a covert method with the intent to gather account info, credit score/debit card numbers, consumer names, passwords and different data, in line with data safety vendor McAfee. The breach was resolved by July 13.
Additional info that was compromised consists of dates of delivery, addresses, Social Security numbers, scheduling notes and CPT and billing codes. The affected person portal was not affected.
The Institute for Women’s Health declined to reveal the variety of affected people, however that info quickly might be posted on the HHS data breach website.
The group is providing affected people one yr of credit score monitoring and id theft safety providers from ID Experts, together with a $1,000,000 insurance coverage reimbursement coverage and academic supplies on defending accounts.
The Institute in a media discover stated that quite a lot of safety measures have been in place earlier than the assault, together with community filtering and safety monitoring, firewalls, antivirus software program and password safety. As a part of the remediation course of, the Institute added new safeguards to enhance the safety of its net server and scale back the danger of exploitation.
The group declined to offer further particulars concerning the incident.