Atrium Health at Home
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Atrium Health Data Breaches
Atrium Health has experienced multiple data breaches over the past few years, affecting the personal and health information of patients. Below are the details of the breaches based on the provided search results.
2018 AccuDoc Solutions Breach
In 2018, Atrium Health reported a cyber incident involving unauthorized access to databases hosted by its vendor, AccuDoc Solutions, between September 22 and September 29, 2018. The information potentially accessed included personal details such as names, addresses, dates of birth, insurance policy information, medical record numbers, and Social Security numbers for some individuals. However, no financial account numbers or clinical information were involved. Atrium Health offered credit monitoring to those whose Social Security numbers were potentially accessed[1].
2022 Phishing Attack
In April 2022, Atrium Health at Home discovered a phishing attack that compromised the email and messaging account of an employee. The breach potentially exposed patients’ personal health information, including names, addresses, dates of birth, health insurance information, and for some, Social Security numbers, driver’s license numbers, and financial account numbers. Fewer than 7,000 patients were affected, and Atrium Health notified the impacted individuals[11][16].
2023 Phishing Campaign
Another breach occurred in April 2023 due to a phishing campaign against a company employee. The breach lasted from April 18 to April 20, 2023, and put at risk patient names, Social Security numbers, health insurance information, hospital account record numbers, and birth dates. Atrium Health Wake Forest sent out individual notices to those identified as having information exposed in the breach[2][5].
Nuance Communications Breach
On May 31, 2023, Nuance Communications, a third-party vendor of Atrium Health, experienced a data breach through a vulnerability in the MOVEit file sharing platform between May 28 and 29, 2023. The breach involved sensitive personal identifiable information and protected health information. Atrium Health began contacting individuals whose information may have been impacted on September 22, 2023[3][9][10][12].
Recommendations for Affected Individuals
Affected individuals are advised to monitor their account statements and credit reports for signs of fraud or unauthorized activity. They should also consider enrolling in free credit monitoring services provided by Atrium Health or Nuance Communications and change passwords for online accounts. Additionally, placing a temporary fraud alert with credit bureaus can help protect against identity theft[1][3][7].
Atrium Health’s Response
Atrium Health has taken these incidents seriously, engaging forensic investigators, reviewing security safeguards, and remaining vigilant for similar types of incidents. They have also been in contact with the FBI regarding these breaches[1][4][8].
For further assistance or information, affected individuals can contact Atrium Health through the provided toll-free numbers and websites mentioned in the notices[1][3][7].
Citations:
- https://atriumhealth.org/about-us/newsroom/security/special-announcement
- https://www.idstrong.com/sentinel/atrium-health-suffered-data-breach/
- https://www.turkestrauss.com/2023/10/06/atrium-health-data-breach-investigation/
- https://www.wbtv.com/2023/01/30/atrium-health-reportedly-part-widespread-cyber-attack/
- https://www.idstrong.com/data-breaches/atrium-health-breach/
- https://cdn.atriumhealth.org/-/media/chs/files/about-us/posted-hipaa-substitute-notice.pdf?_ga=2.79242324.138976377.1655&rev=6de2fb0eb1e5479b85f82f42fbf3513b
- https://www.turkestrauss.com/2022/06/24/atrium-health-at-home-data-breach-investigation/
- https://www.govtech.com/security/north-carolina-health-system-notifies-patients-of-data-breach.html
- https://www.charlotteobserver.com/news/business/article279392684.html
- https://spectrumlocalnews.com/nc/charlotte/news/2023/09/18/cyberattack-data-stolen-north-carolina-hospitals
- https://www.beckershospitalreview.com/cybersecurity/atrium-notifies-patients-of-phishing-attack-potentially-exposing-their-info.html
- https://journalnow.com/news/local/software-data-breach-affects-atrium-novant-patients/article_f55a63d4-5712-11ee-8b43-6b858fcedb93.html
- https://www.fiercehealthcare.com/hospitals-health-systems/hackers-access-more-than-2-6-million-billing-records-atrium-health
- https://www.charlotteobserver.com/news/business/article222248245.html
- https://www.wcnc.com/article/news/local/atrium-health-website-suffers-cyber-attack-hospitals-across-the-country-also-targeted-north-carolina-charlotte-medical-centers-hack-cybersecurity/275-c586e2d8-4e47-40c1-8e15-4032c8ef77a6
- https://sievenetworks.com/security_resources/patients-aware-of-phishing/