MGH discovered the breach on June 24, 2019 and quickly shut down access to the applications and databases. An investigation was initiated, and a forensic investigator was used to help determine the nature and extent of the breach. The review showed that that two applications had been subjected to unauthorized access between June 10 and June 16, 2019.
Using the applications, the unauthorized person would have been able to view data in databases related to specific neurology research studies. The sort of information in the databases was different from patient to patient and may have included: Name, marital status, age, date of birth, sex, race, ethnicity, dates of visits and tests, medical record number, diagnoses, treatment information, biomarkers, genetic details, assessments and results, and other research data, including date of death and details of autopsy results. Highly sensitive data such as Social Security numbers, financial information, and health insurance information were not accessible.
Based on the findings of the investigation and the nature of the information exposed, MGH does not think affected individuals need to take any steps to safeguard their identities. MGH will complete a review of its security processes for research programs and will take steps to enhance security to prevent similar breaches going forward.
In a separate breach, Sonoma Valley Hospital in California has been forced to discontinue its three-letter domain name after hackers took over the domain.
The attack took place on August 6. Hackers gained access to its svh.com domain and locked out the hospital. The hospital released a statement saying it had become apparent that the domain could not be recovered so the decision was taken to shift to a new domain.
Internet connectivity and email accounts have now been moved to sonomavalleyhospital.org. Patients have been told to update their contact details for the hospital as emails sent to email addresses on the old domain are not being received.
No patient information was impacted during the attack, but that does not mean patients are not in danger. The individuals who now control the domain could deploy it in phishing attacks on Sonoma Valley Hospital patients.
According to the hospital, the impact of the domain theft cannot be underestimated. The hospital will have to edit all printed material, including business cards, letterheads, marketing material, and branded items.