McPherson Hospital Suffers a Data Breach Exposing Data For Up to 19k Patients
Table of Contents
- By Steven
- May 11, 2023
McPherson Hospital is a large-scale health facility in McPherson, Kansas. The hospital employs more than 225 people and offers walk-in care, emergency care, primary care services, and a range of specialty health services. This large facility generates approximately $7 million in revenue annually. It was hit by a data breach recently, risking the information of patients significantly. The breach has led to a loss of trust in the hospital, and the patients involved should take steps to protect themselves from further harm.
How Did the Attack Occur?
The McPherson Hospital breach occurred because an attacker gained access to the hospital's file network and began taking information from the patients of the facility. This information was highly personal and potentially harmful if misused. The attack occurred before May 4th, 2023, and it remained an issue for several days until security effectively locked down the network. At that point, personal data was already taken, and an investigation began to determine the scope of the damage.
What Information Was Viewed or Stolen?
According to the notice filed with the Maine Attorney General, the breach resulted in the loss of Social Security numbers, birth dates, medical billing information, and data for medical treatments. The information was highly personal and could be harmful if used by others. The specific information for each patient involved in this breach varies, but at least some of the information listed above was put at risk by the breach and could put the company in a bad position.
How Did McPherson Hospital Admit to the Breach?
McPherson filed a notice with the Maine Attorney General on May 4, 2023. In the notice, the hospital explains the total scope of patients affected by this breach and the total data exposed in the breach. Personal data was released in the breach, so the company immediately began sending out personal notices to anyone identified as potentially being involved in the data breach. If your data was involved, you should receive a notice from the hospital letting you know your information was part of this breach.
What Will Become of the Stolen Information?
It's likely the data stolen in this breach will be misused for identity theft and phishing attacks and resold to other people. The information can be used in a variety of harmful ways, and anyone involved in the breach should take steps to protect themselves as soon as possible to avoid serious financial problems and issues on their credit.
What Should Affected Parties Do in the Aftermath of the Breach?
If you receive a notice informing you that your data was involved in the McPherson data breach, you should consider putting a freeze on your credit report and canceling any cards stored on file with the facility. If you take these two steps, you're protected from most issues caused by the breach. If you don't want to go to those extremes, you could also invest in a credit monitoring service or identity protection service to monitor your accounts and watch for strange changes.