Traverse City News and Events

Patient Information Compromised In Munson Data Breach

By Beth Milligan | Feb. 27, 2020

Munson Healthcare employee emails were hacked during a three-month period in 2019, the organization announced Wednesday, with an external third party able to access protected patient information including dates of birth, diagnostic and treatment details, driver's license numbers, and Social Security numbers.

Munson said it became aware of a "recent data security incident" during which certain employee email accounts were accessed by an unauthorized third party. "Upon learning of this issue, Munson Healthcare commenced a prompt and thorough investigation, working closely with external cybersecurity professionals," Munson said in a written statement. After a forensic investigation and comprehensive manual document review, Munson discovered that employee email accounts accessed between July 31 and October 22 "contained identifiable personal and/or protected health information."
 
Affected email accounts contained the personal and protected health information of some patients, including names, dates of birth, insurance information, and treatment and diagnostic information. Some individuals’ financial account numbers, driver’s license numbers, and Social Security numbers were also contained in the emails. "This incident does not affect all patients of Munson Healthcare, and not all information was included for all individuals," according to Munson. "Munson Healthcare is now notifying affected individuals so that they can take steps to protect their information."

According to Lucas Otten, Munson Healthcare system director of information security, the organization has "no evidence that any information has been acquired or misused by the unauthorized third party that accessed it." Munson Healthcare is sending notification letters to affected patients with available mailing addresses and is setting up a dedicated call center for patients who may have been impacted or have questions about the security breach. The response line can be contacted at 1-844-904-0961 and is available Monday-Friday from 9am-6:30pm E.S.T.

Munson Healthcare is also offering complimentary credit monitoring to individuals whose Social Security numbers were contained in the email accounts. Notified patients should monitor insurance statements for any transactions related to care or services that have not actually been received. 
 
"Patient privacy is a top priority, and we take this matter very seriously," said Otten. "Munson regularly trains and educates all employees on cyber security awareness and risks, and we use a 24-7 staffed cyber security response team in partnership with other Michigan hospitals to detect and respond to suspicious incidents as they happen. As cyber security threats continue to evolve, we will continue evolving our defenses to match and will implement additional technical safeguards to prevent the recurrence of similar incidents."

Comment

City Commissioners Approve Property Purchase For Parking Deck

Read More >>

Shutdown Could Threaten TCAPS Superintendent Search, Recall Effort

Read More >>

Despite Virus, Soon-To-Be-Wedded Couples Are Marching On

Read More >>

City Commissioners To Talk Living Wages For Staff, Relief Measures For Businesses

Read More >>

Meijer, Walmart Enact New Shopping Protocols

Read More >>

Munson Increases Visitor Restrictions, Requires Universal Masking

Read More >>

Animal, Pet Care During Pandemic

Read More >>

MHSAA Cancels Remainder Of High School Winter/Spring Sports Seasons

Read More >>

How Will Tourism, Hotels & Vacation Rentals Survive The Pandemic?

Read More >>

The Future of Horizon Books

Read More >>

City To Vote On Parking Deck Property Purchase

Read More >>

Grand Traverse Band Casinos Donate 7,000 Pounds Of Food

Read More >>

Is The Boom Over?

Read More >>

Whitmer Closes K-12 Schools For Rest Of School Year, Sets Guidelines For Remote Learning

Read More >>