Mercy Medical Center – Clinton has notified 20,865 patients about a security incident that disrupted its network. The security breach was detected on April 4, 2023, and the forensic investigation confirmed its network had been accessed by an unauthorized third party between March 7, 2023, and April 4, 2023.
The attack did not affect patient care but prevented access to its systems while the attack was remediated. The review of the incident is ongoing, but it has been confirmed that the following types of information have been exposed: name, address, date of birth, driver’s license/state identification number, Social Security number, financial account information, medical record number, encounter number, Medicare or Medicaid identification number, mental or physical treatment/condition information, diagnosis code/information, date of service, admission/discharge date, prescription information, billing/claims information, personal representative or guardian name and health insurance information.
Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. Additional technical steps are being taken to try to recreate the lost data it was not possible to restore. Credit monitoring and identity protection services have been offered to affected individuals and additional technical safeguards have been implemented to prevent similar attacks in the future.
Regulations Take the Lead in Healthcare Restroom Design
AHN Allegheny Valley Hospital Opens Expanded Inpatient Rehabilitation Unit
HSHS and Lifepoint Rehabilitation Partner on New Inpatient Rehab Hospital in Green Bay
Turning Facility Data Into ROI: Where Healthcare Leaders Should Start
Sutter Health Breaks Ground on Advanced Cancer Center and Care Complex