Alomere Health operator based out of Minnesota this month started to inform patients of a data breach that affected a precise number of 49,351 individuals post a threat actor managed to gain fraudulent access to 2 employee email accounts in late October and early November 2019.
On a security notice published on Alomere H #ealth’s website, the company mentioned that the first attack happened between October 31 to November 1, 2019, while the second account was hacked after a gap of 5 days, i.e., on November 6, 2019.
The data that is now revealed includes information such as name, date of birth, addresses, medical record numbers, diagnosis, treatment details, and insurance-related information. Additionally, a certain number of patients also had their social security and driver’s license numbers exposed. As compensation, these patients will be extended free credit monitoring and identity protection services.
Alomere also mentioned that it is not clear if the cyber criminals have actually viewed any of the data, but as a precautionary measure, they have mailed letters to patients whose data seems vulnerable.
Additionally, the Minnesota-based hospital mentions that in response to the cyberattack, it has additional security measures in place for all Alomere Health employee email accounts.