Hackers Accessed Files With the PHI of 115,670 South Shore Hospital Patients and Spencer Gifts Health and Welfare Benefit Plan Members

Chicago’s South Shore Hospital has begun informing 115,670 present and past patients regarding a cyberattack on its system in December 2021. The hospital detected suspicious activity on its system on December 10, 2021, and took immediate action to control the attack. Emergency procedures were enforced to make sure patients can still be safely provided with care.

South Shore Hospital called a group of third-party computer forensics specialists to look into the security breach and find out if patient data was viewed or stolen. As per the investigation, it was confirmed that the attackers acquired access to sections of its system that store files containing the protected health information (PHI) of patients and worker information, such as names, addresses, birth dates, Social Security numbers, medical insurance data, medical details, diagnoses, medical insurance policy numbers, Medicaid/Medicare data, and financial details.

South Shore Hospital stated it is going to implement extra security steps to better secure its system against cyberattacks, such as stronger password guidelines, multifactor authentication, and supplemental anti-malware and anti-phishing software. The workforce will also be provided with additional training about data privacy and security.

South Shore Hospital has given the impacted individuals instructions as to how they could secure themselves versus the improper use of their data, which includes registering for a one-year free membership to the credit and CyberScan monitoring service of IDX. Impacted persons will likewise be covered with a $1 million identity theft reimbursement insurance plan and will get access to identity theft recovery services when they are required.

Hacking Incident Reported by Spencer Gifts Health and Welfare Benefit Plan

Spencer Gifts has learned that unauthorized persons obtained access to its system from November 24, 2021 to November 26, 2021, and possibly viewed or acquired files that contain the PHI of 10,023 health and welfare benefits plan members.

The hacking incident was discovered on November 25, 2021, and its system was made secure the next day. The investigation affirmed the exposure of names, plan selection data, and Social Security numbers. Notification letters were mailed to all impacted persons on January 24, 2022, and free identity theft monitoring services were provided to impacted persons. Spencer Gifts stated it is going over its security guidelines and procedures and will enforce additional electronic security features.