Indiana Health System Breach Potentially Impacted More Than 68K Patients – Expert Commentary

Indiana-based Methodist Hospitals is currently notifying 68,039 patients that their protected health information may have been exposed in a data breach. The patient data that was potentially compromised includes the following:

  • Names
  • Addresses
  • Health insurance information
  • Group identification numbers
  • Social Security numbers
  • Financial account numbers
  • Payment care information
  • Medical record numbers and treatment information

In June, the health systems saw unusual activity in an employee’s email account prompting investigation. Methodist Hospitals determined that two employees fell victim to a phishing attack. Collectively, the unauthorized third-party had access to the email accounts between March 13 and July 8. Methodist Hospitals said there is no evidence that any patient information has been misused.