- The information leaked includes the names, birthdates and gender information of 40 patients.
- The Federal Bureau of Investigation (FBI) has offered to provide assistance in resolving the issue.
The non-profit healthcare organization Gwinnett Medical Center (GMC) acknowledged that it suffered a data breach that exposed the personal details of over three dozens of patients. The information leaked reportedly includes the names, birth dates and gender information of 40 patients.
This data was posted on Twitter. However, the healthcare organizations reportedly said that the compromised data did not include patients’ Social Security numbers or medical information.
ZDNet reported that the data breach was initially discovered by Salted Hash on September 29, although the exact details surrounding the incident was not available immediately. Salted Hash reportedly claimed that it received threats from the alleged attackers, as soon as they learned about the disclosure of the breach.
It is believed that the stolen records were publicly available for three days. Following the discovery of the incident, GMC is reportedly working on improving the security of its infrastructure and systems.
“We learned of the issue late last week and immediately engaged with internal and external experts and immediately began cooperating with law enforcement,” GMC spokeswoman Beth Hardy explained, Gwinnett Daily Post reported.
The Federal Bureau of Investigation (FBI) has reportedly offered to provide assistance in resolving the issue. Both the company and the FBI are working together in uncovering the cause of the leak and the identity of the threat actors involved.
“GMC takes cyber security very seriously and we are committed to maintaining the integrity, availability and confidentiality of our systems and data. That starts with identifying threats and conducting audits and it includes the processes, procedures and safeguards that we have in place to protect our systems,” the healthcare provider said, ZDNet reported.