DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Froedtert Health notifies patients after computer with patient information infected by virus

Posted on February 14, 2013 by Dissent

Milwaukee-based Froedtert Health has issued a notice on its web site:

Froedtert Health and our affiliates are committed to maintaining the privacy and security of the personal information provided to us. Our affiliates include Froedtert Hospital, Community Memorial Hospital of Menomonee Falls, St. Joseph’s Community Hospital of West Bend, Froedtert Health Medical Group (also known as the West Bend Clinic and formerly known as Medical Associates of Menomonee Falls), West Bend Surgery Center, and Kettle Moraine Anesthesiology.  Regrettably, the purpose of this notice is to inform you of an incident involving some of that information.

On December 14, 2012, we learned that a computer virus may have allowed an unauthorized person to access a Froedtert Health employee’s work computer account.  We found no evidence that any unauthorized person accessed any personal information or medical records.  As a precaution, we felt it was important to tell you this occurred.

We immediately began an investigation and hired an expert computer forensics company to examine what happened.  The forensics company could not definitively rule out the possibility the virus was able to obtain information stored in the employee’s work computer account. A file in the employee’s work computer account contained some patients’ information, including names, addresses, telephone numbers, dates of birth, medical record numbers, names of health insurers, diagnoses, other clinical information, and in some instances Social Security numbers. Financial information was not stored in any files in the employee’s work computer account.

We have set up a call center with a toll-free help line for patients who have questions. The phone number is 1-855-770-0006. When prompted, please enter the following 10-digit reference code:  5764020813.  The call center is staffed weekdays from 8 am until 5 pm Central time. Also, if you have concerns about this situation and have not received a letter from us by March 5, 2013, please call the help line with your questions.

We deeply regret any concerns this may cause our patients.  Protecting the privacy and confidentiality of the personal information we maintain always has been one of our highest priorities. Unfortunately, such computer attacks are increasingly common, affecting organizations worldwide. We continually update our computer virus protection and are conducting a comprehensive internal review of our information security practices and procedures to help prevent such events in the future.

Jesse Garza of the Journal Sentinel reports that 43,000 patients may be affected and that fewer than 3% of the files on the employee’s computer contained Social Security numbers.

Looking at the Froedtert statement again, though, I just realized that although they say they discovered the problem in December, they don’t state when the system actually got infected or how it get infected.  And once again, we  should note the difference between their statement that “we found no evidence”  (of access) vs. their forensics firm saying “We can’t definitively rule out access.”  Absence of evidence is not …. you know the rest.

No related posts.

Category: Health Data

Post navigation

← Plaintiffs failed to demonstrate injury, so please toss the case – Sony
UK: ICO urges more care with personal data as Nursing and Midwifery Council receives £150,000 penalty →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
  • Senator Chides FBI for Weak Advice on Mobile Security
  • Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
  • Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban
  • 20 States Sue HHS to Stop Medicaid Data Sharing with ICE
  • Kids are making deepfakes of each other, and laws aren’t keeping up
  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.