Malware in retirement community’s systems compromises health data
Westminster Ingleside King Farm Presbyterian Retirement Communities in Rockville, Md., is offering a year of credit monitoring and identity theft restoration services to 5,228 affected individuals following a hacking incident.
The organization, which offers on-site skilled nursing care, discovered the attack on November 21. It launched a software program to find and remove the malware and engaged forensics experts to determine how the attack happened and if information was accessed.
While there was no evidence that patients’ medical or personal information had been accessed, the possibility could not be ruled out. Data that could have been compromised included names, addresses, dates of birth and Social Security numbers.
Now, Westminster executives are ramping up preventive measures. The organization reports that it is upgrading its firewall, anti-virus software and other malware security products. It is also creating new usernames and passwords, implementing dual-factor authentication and retraining staff.
Financial and payment information was not compromised, and the organization did not disclose how the malware was introduced. In addition to the protective services being offered, Westminster gave affected individuals comprehensive information on protecting their credit and putting fraud alerts on their accounts.
Westminster executives declined to provide additional details about the incident.