Data breach at Atrium Health impacts more than 2.6M records

Register now

A major cyber event at Atrium Health, an expansive delivery system with more than 40 hospitals and 900 care locations, could affect more than 2.6 million patient records.

Included in that total are about 700,000 affected individuals whose Social Security numbers were compromised and are being offered credit monitoring services from Kroll.

“It is very important to understand that the data was accessed but not downloaded in this incident,” according to an Atrium Health spokesperson. “Our forensic reports indicate they were not able to actually download or remove the files.”

At Atrium Health, formerly Carolinas HealthCare System, the investigation found unauthorized access to databases hosted by AccuDoc, a vendor offering custom programming, data warehousing, billing and system integration services. Atrium Health’s own information systems and those of its managed locations were not affected by the cyber attack.

Also See: 8 ways Iot devices could affect cybersecurity and privacy risks

Upon discovery of the breach, AccuDoc terminated access to data and engaged forensic specialists to secure affected databases and improve security controls. Atrium Health also engaged its forensic investigator to review the incident, and both entities have worked with the FBI.

Forensics further have shown that an unauthorized third party likely gained access to AccuDoc’s databases between September 22, 2018 and September 29, 2018 and AccuDoc notified Atrium Health of the incident on October 1.

Patient data at risk included bills, first and last names, home addresses, dates of birth, insurance information, medical record numbers, invoice numbers, account balances and dates of service.

To date, there is no indication that personal information was taken and no financial account numbers were involved, nor were clinical information or medical records, according to the organizations. Affected individuals now are being notified by mail.

For reprint and licensing requests for this article, click here.