Broward Health, a Florida-based healthcare system with over thirty locations, has suffered a significant data breach impacting over a million individuals.
The incident took place last October, and Broward Health was able to identify the intrusion four days after the compromise. Authorities were informed immediately, and employees were invited to reset their credentials.
It now appears threat actors have been able to get their hands on patients’ personal medical information, including sensitive data such as physical addresses, medical history, insurance information, and social security numbers.
“At Broward Health, protecting the personal and medical information of our patients is one of our top priorities. In this regard, I am writing to inform you of a recent isolated incident involving your personal medical information. Although we have no evidence that your personal information has been misused, we are writing to make you aware of the security incident so that you may take any necessary precautions and to offer identity monitoring services at no cost to you to further protect your information,” said the healthcare system in a letter sent to affected parties.
“In response to this incident, Broward Health is taking steps to prevent recurrence of similar incidents, which include the ongoing investigation, a password reset with enhanced security measures across the enterprise, and the implementation of multifactor authentication for all users of its systems. We have also begun implementation of additional minimum-security requirements for devices that are not managed by Broward Health Information Technology that access our network, which will become effective in January 2022,” Broward Health added.