DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Froedtert Health notifies patients after computer with patient information infected by virus

Posted on February 14, 2013 by Dissent

Milwaukee-based Froedtert Health has issued a notice on its web site:

Froedtert Health and our affiliates are committed to maintaining the privacy and security of the personal information provided to us. Our affiliates include Froedtert Hospital, Community Memorial Hospital of Menomonee Falls, St. Joseph’s Community Hospital of West Bend, Froedtert Health Medical Group (also known as the West Bend Clinic and formerly known as Medical Associates of Menomonee Falls), West Bend Surgery Center, and Kettle Moraine Anesthesiology.  Regrettably, the purpose of this notice is to inform you of an incident involving some of that information.

On December 14, 2012, we learned that a computer virus may have allowed an unauthorized person to access a Froedtert Health employee’s work computer account.  We found no evidence that any unauthorized person accessed any personal information or medical records.  As a precaution, we felt it was important to tell you this occurred.

We immediately began an investigation and hired an expert computer forensics company to examine what happened.  The forensics company could not definitively rule out the possibility the virus was able to obtain information stored in the employee’s work computer account. A file in the employee’s work computer account contained some patients’ information, including names, addresses, telephone numbers, dates of birth, medical record numbers, names of health insurers, diagnoses, other clinical information, and in some instances Social Security numbers. Financial information was not stored in any files in the employee’s work computer account.

We have set up a call center with a toll-free help line for patients who have questions. The phone number is 1-855-770-0006. When prompted, please enter the following 10-digit reference code:  5764020813.  The call center is staffed weekdays from 8 am until 5 pm Central time. Also, if you have concerns about this situation and have not received a letter from us by March 5, 2013, please call the help line with your questions.

We deeply regret any concerns this may cause our patients.  Protecting the privacy and confidentiality of the personal information we maintain always has been one of our highest priorities. Unfortunately, such computer attacks are increasingly common, affecting organizations worldwide. We continually update our computer virus protection and are conducting a comprehensive internal review of our information security practices and procedures to help prevent such events in the future.

Jesse Garza of the Journal Sentinel reports that 43,000 patients may be affected and that fewer than 3% of the files on the employee’s computer contained Social Security numbers.

Looking at the Froedtert statement again, though, I just realized that although they say they discovered the problem in December, they don’t state when the system actually got infected or how it get infected.  And once again, we  should note the difference between their statement that “we found no evidence”  (of access) vs. their forensics firm saying “We can’t definitively rule out access.”  Absence of evidence is not …. you know the rest.

Category: Health Data

Post navigation

← Plaintiffs failed to demonstrate injury, so please toss the case – Sony
UK: ICO urges more care with personal data as Nursing and Midwifery Council receives £150,000 penalty →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms
  • Disrupting Lumma Stealer: Microsoft leads global action against favored cybercrime tool
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach
  • Hacker who breached communications app used by Trump aide stole data from across US government
  • Massachusetts hacker to plead guilty to PowerSchool data breach (1)
  • Cyberattack brings down Kettering Health phone lines, MyChart patient portal access (1)
  • Gujarat ATS arrests 18-year-old for cyberattacks during Operation Sindoor
  • Hackers Nab 15 Years of UK Legal Aid Applicant Data
  • Supplier to major UK supermarkets Aldi, Tesco & Sainsbury’s hit by cyber attack with ransom demand

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras
  • Cocospy stalkerware apps go offline after data breach
  • Drugmaker Regeneron to acquire 23andMe out of bankruptcy
  • Massachusetts Senate Committee Approves Robust Comprehensive Privacy Law

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report