On September 3, 2024, Illinois based Hospital Sisters Health System (HSHS) reported a significant data breach to the Texas Attorney General. The breach, which was detected in August 2023, involved unauthorized access to sensitive patient information stored on HSHS’s computer network. The affected data includes a range of personal details such as names, addresses, dates of birth, Social Security numbers, driver’s license numbers, medical record numbers, and medical information. The breach is believed to have occurred between August 16 and August 27, 2023, during which time an unauthorized party accessed confidential files.
Upon discovering the breach, HSHS acted swiftly to contain the incident, enlisting the help of third-party data security experts to conduct a thorough investigation. The organization also reported the breach to law enforcement and took measures to secure its systems. Despite these efforts, the unauthorized access led to the exposure of sensitive consumer data, prompting HSHS to notify affected individuals on September 3, 2024. These notification letters detail the specific information that was compromised for each individual.
HSHS’s notification advises recipients to remain vigilant for signs of fraud or identity theft, given the nature of the exposed data. The healthcare system has implemented additional security measures to prevent future incidents and is providing support to those affected. Individuals who receive a data breach notification from HSHS are encouraged to consult with a data breach lawyer to understand their options and to take necessary steps to protect themselves.
Founded in 1875 and based in Springfield, Illinois, Hospital Sisters Health System is a major healthcare provider with 13 hospitals and a network of physicians across Illinois and Wisconsin. The organization employs over 14,500 people and generates approximately $2.6 billion in annual revenue. This incident highlights the critical importance of data security in the healthcare sector and the need for robust measures to safeguard patient information.
Reference:
