Mount Desert Island Hospital (MDIH) Breach Incident
In another concerning incident related to vulnerabilities in Progress Software’s MOVEit Transfer software, Mount Desert Island Hospital (MDIH) in Bar Harbor, Maine, reported a breach affecting 32,661 individuals. After detecting suspicious activity on their network in early May 2023, MDIH initiated an investigation that revealed unauthorized access between April 28th and May 7th.
Exposed Information Includes Employee and Patient Data
The breached data at MDIH consisted of employee and patient-related information, including:
- Driver License Information
- Social Security numbers
- Medical record numbers
- Treatment details
- Prescription information
- Billing and claims information
- Medicare or Medicaid numbers
MDIH Takes Comprehensive Measures
In response to the breach incident, MDIH conducted a full forensic investigation with the assistance of third-party specialists. They have implemented various measures to secure their network infrastructure further.
- Changing password strength
- Implementing new technical safeguards
- Periodic evaluations (both technical and non-technical)
- Strengthening firewall and user access policies
- Disabling vendor accounts linked to the suspected attack vector
- Revising internal policies and procedures
Lakeland Community College Breach Involving Health Data
Lakeland Community College in Ohio also fell victim to a data breach that impacted health-related information. The college discovered unauthorized access to its network from March 7th to March 31st, 2023. An immediate investigation was launched to assess the extent of the breach.
Sensitive Information Stolen
The investigation revealed that personal information such as:
- Full names
- Social Security numbers
- Financial account details
- Passport numbers
- Medical records
- Health insurance policy information
- Dates of birth
- Credit or debit card information
These had been removed from Lakeland’s network. While no reports of identity theft or fraud have emerged thus far related to this incident, affected individuals are urged to remain vigilant.
Commitment to Privacy Protection
Lakeland Community College deeply regrets the occurrence of this breach and is dedicated to safeguarding personal information within its possession. The college continuously evaluates and modifies its practices and internal controls to enhance security measures for protecting personal data.
Protecting Against Breaches
These recent data breaches highlight the ongoing threat posed by vulnerabilities in software systems across various industries. Companies like Nuance Communications are proactively investigating and addressing these incidents promptly while prioritizing data privacy and security. As technology advances, organizations must remain vigilant and proactive in implementing robust security measures to protect sensitive information from unauthorized access.
HIPAA compliance can help protect against breaches, as HIPAA compliant organizations are generally more secure. To become HIPAA compliant, you must implement policies and procedures safeguarding patient information. Compliancy Group’s healthcare compliance software enables organizations to achieve compliance efficiently and effectively.