Emory Healthcare alerted thousands of patients about a fraud scheme Monday. Hospital officials said someone stole personal patient information and used that information illegally.
Emory officials said 77 people had their social security numbers stolen and used in a tax return scam. Officials said 2,400 other patients were given 12 month identity protection in case they are targeted in the future.
[…]
According to officials the fraud was discovered by the IRS, because they detected fraudulent tax returns.
Read more on MyFOXAtlanta. There is no statement up on Emory Healthcare’s web site at the time of this posting so it is not clear how the patient data were stolen, when they were stolen, or why Emory notified 2400 patients whose information were not involved in tax refund fraud.
Update: Duffie Dixon of 11Alive in Atlanta provides more details:
The information stolen “included name, Social Security Number, address, date of birth ad/or limited health information”.
Patients of the Emory Clinic Section of Orthopaedics & Spine Center at Emory Healthcare were notified that their data may be in the hands of hackers.
There is still no indication as to when the breach occurred.
h/t, DataLossDB.org for the update