Mercy Medical Center – Clinton has notified 20,865 patients about a security incident that disrupted its network. The security breach was detected on April 4, 2023, and the forensic investigation confirmed its network had been accessed by an unauthorized third party between March 7, 2023, and April 4, 2023.
The attack did not affect patient care but prevented access to its systems while the attack was remediated. The review of the incident is ongoing, but it has been confirmed that the following types of information have been exposed: name, address, date of birth, driver’s license/state identification number, Social Security number, financial account information, medical record number, encounter number, Medicare or Medicaid identification number, mental or physical treatment/condition information, diagnosis code/information, date of service, admission/discharge date, prescription information, billing/claims information, personal representative or guardian name and health insurance information.
Mercy Medical Center did not state whether ransomware was involved but said data had to be restored from backups and some data has likely been lost. Additional technical steps are being taken to try to recreate the lost data it was not possible to restore. Credit monitoring and identity protection services have been offered to affected individuals and additional technical safeguards have been implemented to prevent similar attacks in the future.
How Designers Create Welcoming Senior Care Communities
Data-Driven Decisions: How Analytics Are Shaping Healthcare Facility Planning
UC Health Opens Expanded Freeman Center for Developmental Disabilities
Upward Mobility: Market Forces Drive Hospitals Higher
Georgia Hospital Bomb Hoaxes Highlight Need for Healthcare–Police Partnerships