Cloud Hosting

A breach on a server managed by cloud hosting and server management provider TekLinks, may have allowed hackers to potentially access and exfiltrate the personal health information of patients from Alabama-based Surgical Dermatology Group.

TekLinks discovered unauthorized access around May 1, 2017, but access was first gained on March 23. Officials said it blocked server access after the initial discovery, but hackers could have viewed or copied data beforehand.

Surgical Dermatology hired a forensic investigation team to determine the scope of the breach. Officials said the compromised server contained patient ID numbers, names, Social Security numbers, health plan information and physician names.

[Join Your Peers at HIMSS Healthcare Security Forum! Register Today]

Financial information and credit card information werent stored on the affected server, officials said.

Surgical Dermatologys investigation team has secured the server, and officials said policies have been revised to improve security for the organization.

All patients were notified and offered a year of free credit monitoring and identity theft protection services. Officials said the organizations also reported the breach to appropriate authorities, including the FBI.

The number of breached records was not included in the notification, and the data is not yet included on the U.S. Department of Health and Human Services Office of Civil Rights breach reporting tool.

Twitter:@JessieFDavisEmail the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Go here to read the rest:
Hackers breach third party cloud vendor TekLinks - Healthcare IT News