- The incident occurred in August 2017 and lasted until December 2018.
- The breached data contained a trove of personal and health data of patients.
Florida-based AdventHealth is notifying some 42,000 patients about a 2017 data breach that went on for more than a year. The incident occurred in August 2017 and lasted until December 2018.
According to a report published by the Office of the Vermont Attorney General, the hospital discovered the breach on December 21, 2018. It noticed that hackers had gained unauthorized access to systems at AdventHealth Medical Group Pulmonary & Sleep Medicine, Tavares for more than 16 months. The hackers had taken over the systems since the beginning of August 2017.
Type of information compromised
The breached data contained a trove of personal and health data. This included medical histories, insurance carriers, Social Security numbers, names, phone numbers, dates of birth, health insurance information, weights and email addresses of patients.
Upon discovering issues, the hospital has started working towards bolstering its security perimeter. It has started implementing improved processes to enhance the security of its systems and infrastructure.
The hospital has also informed the Department of Health and Human Services about the breach. In addition, it is also providing a year of free identity monitoring services.