Cyberattacks Encountered by Schneck Medical Center and Epilepsy Foundation of Texas

by | Oct 6, 2021 | Compliance News

Schneck Medical Center located in Seymour, IN has reported that it suffered a cyberattack that had affected its company operations.

The medical center discovered the attack on September 29, 2021 and made an announcement on the same day. As a response to the incident, all IT systems inside its facilities were stopped as a safety precaution. Third-party cybersecurity specialists were called in to help investigate the incident and reestablish its IT system as soon as possible. According to Schneck Medical Center, it took time to investigate the cyberattacks and to fully resolve the recovery of IT systems, however, steps were taken to lessen interruption to its IT systems.

Schneck Medical Center stated the majority of medical services were not impacted by the cyberattack and patients can come for booked medical services and appointments as usual. Patients will get individual notification when for any reason their scheduled visit is delayed because of the cyberattack.

Schneck Medical Center stated in its breach notification that it is committed in taking care of people. It will continue to deliver excellent care to communities and will give more updates as necessary.

At this point, it is uncertain whether patient data was exposed. More information will be published concerning the attack when the investigation affirms that attackers indeed obtained access to systems that contain patient data.

PHI Possibly Exposed in Epilepsy Foundation of Texas Due to Phishing Attack

An unauthorized person potentially accessed the email account of an Epilepsy Foundation of Texas employee and possibly acquired sensitive patient information. Epilepsy Foundation of Texas found out about the email account compromise on or around June 8, 2021 because the email account had been used for sending fraudulent email messages. After immediately securing the email account, the foundation conducted an investigation to find out the nature and extent of the breach.

The investigation affirmed the breach of the account after the employee replied to a phishing email. A review of the breach and the data within the email account was finished on September 2, 2021. Then efforts were made to acquire the correct address details of the affected persons in order to send notifications. The foundation began sending notification letters to affected persons on October 1, 2021.

Epilepsy Foundation of Texas mentioned the breached email account included first and last names, birth dates, driver’s license numbers, medical details, medical insurance data, Social Security numbers, financial account numbers, biometric information, usernames and passwords, and payment card numbers.

After the attack, security practices were evaluated and were now improved. Epilepsy Foundation of Texas stated it doesn’t know of any incidents of attempted or actual patient data misuse, but it has instructed impacted patients to exercise care and keep track of their accounts and explanation of benefits statements for indications of bogus activity.

3 Steps To HIPAA Compliance

Step 1 : Download Checklist.

Step 2 : Review Your Business

Step 3 : Get Compliant!

Our HIPAA compliance checklist will outline everything your organization needs to become fully HIPAA compliant. Fill in the form below to download it now.

View our privacy policy