Augusta University Health said it was hit with a data breach that exposed the personal information of some 417,000 patients, faculty, and students at the Georgia institution.
Names, addresses, dates of birth, lab test results, diagnoses, medications, surgeries, and health insurance information were among the data exposed, as well as a "small percentage" of driver's license and Social Security numbers, according to the hospital system, the HIPAA Journal reported. Most of the breach victims were patients of Augusta University Medical Center and Children's Hospital of Georgia, but the breach also exposed patient data from 80 outpatient clinics in the state.
Augusta University Health actually discovered the initial attack on Sept. 11, 2017, after several employees fell for a phishing attack and disclosed their login credentials. It wasn't until July 31, 2018, that third-party incident investigators alerted the hospital system of the personally identifiable information (PII) exposure.
This isn't the first breach suffered by Augusta University Health, either: It has been hit by two previous attacks, affecting data of 10,300 people, the report said.
Read more here.
Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Early bird rate ends August 31. Click for more info.