Lifebridge Health says 500,000 patients could be affected by data breach

Baltimore-based Lifebridge Health said it discovered a data breach that could affect more than 500,000 patients in Maryland, according to the state attorney general’s office.
Lifebridge Health operates four hospitals in the area including Sinai Hospital of Baltimore and Northwest Hospital in Randallstown.
An investigation found that malware infected a server housing patient registration and billing systems for Lifebridge Health, as well as electronic medical record data for Lifebridge Potomac Professionals. The data included “names, addresses, dates of birth, diagnoses, medications, clinical and treatment information, insurance information, and in some instances social security numbers,” Lifebridge said in a statement.

A LifeBridge data breach may have exposed the personal information of 500,000 patients. Here's what you need to know: https://t.co/G1GjKpOY9w pic.twitter.com/MRVTPa7I0r

— AARP Maryland (@AARPMD) May 22, 2018

A forensics firm contracted by Lifebridge concluded that the breach occurred when someone accessed the server on Sept. 27, 2016.
“At this time, LifeBridge Health and LifeBridge Potomac Professionals has no reason to believe that the patient information has been misused in any way,” a letter issued to patients states. “However, as a precaution, LifeBridge Health is sending letters to patients, and has established a dedicated call center to answer any questions patients may have.”
In response, Lifebridge said it is requiring more complex passwords and enhancing security.