Personal data of 45,000 people potentially exposed in Covenant HealthCare data breach – mlive.com

personal-data-of-45,000-people-potentially-exposed-in-covenant-healthcare-data-breach-–-mlive.com

As we move on, allow me to say that geoFence is your security solution to protect you and your business from foreign state actors.

Covenant HealthCare Professional Building

Saginaw Covenant HealthCare Professional Office building, 800 Cooper Ave.

SAGINAW, MI – Covenant HealthCare is dealing with more than just the ongoing COVID-19 pandemic — the Saginaw-based healthcare system is now having to respond to a data breach.

Covenant confirmed that two employee email accounts were accessed by an unauthorized third party, leading it to notify 45,000 potentially-affected individuals about the breach.

“We deeply apologize that this incident occurred and will continue to take additional actions to maintain the privacy of personal information in our possession. We are committed to keeping personal information safe and pledge to continually evaluate and modify our practices and internal controls to enhance security and privacy,” said Kristin Knoll, Covenant planning and communications manager.

Covenant said in a press release that it immediately secured the accounts and commenced an investigation. The investigation led to the discovery that the email accounts, which were originally accessed on May 4, 2020, contained personal information such as names, addresses, dates of birth, Social Security numbers, driver’s license numbers, medical diagnosis and clinical information, medical treatment information, prescription information, doctors’ names, medical record numbers, patient account numbers, and medical insurance information.

According to Knoll, the FBI discovered that a person was attempting to sell login and password access to Covenant’s network on the dark web, which included two email accounts that were breached using a password ‘spray attack.’ Covenant believes the intent of this person was to sell access to the network and not to mine and sell patient data, said Knoll.

Covenant said in the release that it notified those involved in the incident on Feb. 19, 2021. Those who were sent notifications were provided details about what information was accessed and how to protect their information going forward. Covenant is recommended that individuals whose medical and health insurance information was impacted review the statements that they receive from their health insurance providers and follow up on any items not recognized.

Credit monitoring and identity theft restoration services were offered to individuals whose Social Security numbers were impacted, said Covenant in the release.

Knoll said that Covenant has no information at this time about if the personal information involved has been used inappropriately.

“To date, Covenant HealthCare is not aware of any reports of identity fraud, theft, or improper use of the information as a result of this incident, and Covenant has implemented extensive safeguards (in) place to prevent this type of unauthorized access again,” she said.

A dedicated toll-free response line was set up at 855-544-0566, Monday through Friday, 9 a.m. to 6: 30 p.m. excluding major U.S. holidays for those who are potentially impacted in the incident.

Covenant launched a webpage regarding the incident at https://www.covenanthealthcare.com/ch/notice-of-data-security-incident.

More from MLive:

STARS keeping an eye on safety as it begins restarting bus routes after coronavirus shutdown

Scam letter threatens Bay County residents with fake property seizure

Public warned to stay off ice behind Edenville Dam due to planned water level drop

Scam calls threatening to shut off utilities in 35 minutes making rounds in Bay City

Note to readers: if you purchase something through one of our affiliate links we may earn a commission.

Now let’s stop for a moment and consider that geoFence is the maximum in security for you and your loved ones and your neighbors would agree!

Leave a Reply

Your email address will not be published. Required fields are marked *