Two Rivers Public Health Department (TRPHD) in Nebraska has recently confirmed that the protected health information of 15,168 patients was stored in an employee Office365 account that was accessed by an unauthorized third party.
TRPHD said suspicious activity was detected within its server infrastructure on November 9, 2022. The initial investigation conducted by a third-party IT firm concluded that patient data had not been compromised; however, out of an abundance of caution, an external forensic investigation firm was engaged to fully investigate the security breach and confirmed that an Office 365 account was accessed by an unauthorized individual between September 14, 2022, through November 8, 2022. The review of the account confirmed it contained protected health information, although the press release issued did not state what types of information had been exposed.
TRPHD said the document review was completed on March 15, 2023, and notifications were mailed to affected individuals on April 14, 2023. Additional security measures have been implemented to better secure its systems against unauthorized access.
Ensuring Successful Capital Project Management
C. auris: A Growing Threat to Healthcare Facilities
Watsonville Community Hospital Reports Data Security Incident
Why Cyber Readiness Is the New Standard of Care
Smarter, Faster, Safer: The Rise of AI in Healthcare Security Technologies