430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Medical info of 49,351 patients exposed in Alomere Health hospital breach

Minnesota-based Alomere Health discloses a data leak that exposed personal and medical information of 49,351 patients. Personal and medical information of 49,351 patients of Minnesota-based Alomere Health might have been exposed following the compromise of two employees’ email accounts. Alomere Health is a general medical and surgical hospital in Alexandria, MN, with 127 beds. It is accredited […]

Signature Healthcare

Minnesota-based Alomere Health discloses a data leak that exposed personal and medical information of 49,351 patients.

Personal and medical information of 49,351 patients of Minnesota-based Alomere Health might have been exposed following the compromise of two employees’ email accounts.

Alomere Health is a general medical and surgical hospital in Alexandria, MN, with 127 beds. It is accredited by the Healthcare Facilities Accreditation Program (HFAP), has a Level III trauma center and has twice been named as one of the Top 100 Hospitals by Thomson Reuters. 

Exposed data include names, addresses, dates of birth, medical record numbers, health insurance information and diagnosis and treatment details information. Attackers also accessed Social Security numbers and driver’s license numbers for some patients. 

The incident was discovered on November 6, 2019, the IT staff discovered that an employee’s email account was accessed by at least one unauthorized third party between October 31 and November 1, 2019.

The Alomere Health hospital started notifying impacted patients on January 3, 2020.

The hospital launched an investigation with the help of an external forensic firm, and on November 10 the experts discovered that also a second employee’s email was compromised on November 6.

“The investigation was unable to determine whether the unauthorized person(s) actually viewed any email or attachment in either account,” reads the hospital’s breach notification.

“In an abundance of caution, we reviewed the emails and attachments in the accounts to identify patients whose information may have been accessible to the unauthorized person(s).” “In an abundance of caution, we reviewed the emails and attachments in the accounts to identify patients whose information may have been accessible to the unauthorized person(s). From this review, we determined that portions of some patients’ information were contained in the email accounts.”

Alomere Health is going to offer impacted patients free credit monitoring and identity protection services.

The hospital announced to have implemented additional security measures to prevent future incidents, including staff training.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Alomere Health, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]