- St. Joseph Health System (SJHS) in Texas reported a data breach that occurred between December 16 and 18, according to reports from KWTX.com and Theeagle.com. The breach has affected more than 405,000 patients, employees, and employee beneficiaries.
Information was accessed through a single server by hackers from China and other locations. The server contained employee and patient data from for St. Joseph Regional Health Center in Bryan, Burleson St. Joseph Center, Madison St. Joseph Health Center, Grimes St. Joseph Health Center and St. Joseph Rehabilitation Center, the health system said. The server was taken offline after the breach was discovered.
The data included patient names, birth dates, Social Security numbers, and possibly addresses. Medical information for patients was accessible, as well as bank information for current and former employees. Investigators could not determine if any information had been extracted.
St. Joseph said that there has been no misuse of information at this time. The health system has set up a confidential call center for affected persons, and is offering free identity-theft protection for one year. The system also said it was in the process of adding new security measures to prevent future occurrences, but did not disclose what those changes were.
In a release on its website, SJHS noted, “SJHS is working with the United States Federal Bureau of Investigation, which is also looking into this incident. SJHS is providing written notice of this incident to affected individuals, to the U.S. Department of Health and Human Services, as well as to certain state and international regulators.”