DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Stolen Northwestern Memorial Healthcare computer had information of 2,800 patients

Posted on December 19, 2014 by Dissent

Carlos Sadovi reports:

Nearly 3,000 patients are being notified that a laptop computer stolen in October contained health information from patients of the Northwestern Memorial Healthcare group, hospital officials said Friday

The 2,800 people had been patients of Northwestern Medicine Lake Forest Hospital, Northwestern Memorial Hospital and Northwestern Medical Group, officials said in press release late Friday.

Officials said that they were notified of the theft on Oct. 21.

The laptop computer, which was password protected and “yet unencrypted” contained patient information when it was inside an employee’s vehicle that was stolen on Oct. 21.

Read more on Chicago Tribune.

A notice posted to the hospital’s web site reads:

Northwestern Lake Forest Hospital, Northwestern Memorial Hospital, and Northwestern Medical Group, affiliates of Northwestern Memorial HealthCare (collectively NMHC”), are committed to protecting the confidentiality and security of our patients’ information. Regrettably, this notice concerns an incident involving some of that information.

On October 21, 2014, we learned that a password protected, unencrypted laptop containing patient information was inside an employee’s vehicle that was stolen on that same date. The employee immediately contacted law enforcement who began an investigation. We also immediately began an internal investigation, including hiring an outside expert forensics firm to recreate the data on the laptop. Our investigation determined that the laptop may have contained patients’ names, addresses, dates of birth, health insurance information, billing codes, date of services, physician’s name, medical record numbers, diagnosis, treatment information, and, in some limited instances, Social Security numbers. Patients’ credit card and bank account information were not on the laptop.

This incident did not affect all NMHC patients, and NMHC sent letters notifying affected patients.

At this time, we have no knowledge that this information has been used in any way. However, as a precaution, we began sending letters to affected patients on December 19, 2014, and have established a dedicated call center to answer questions that patients may have. If you believe you are affected but do not receive a letter by January 9, 2014, please call 888-266-9276, Monday through Friday, from 8:00 AM to 8:00 PM Central Time.

We deeply regret any inconvenience this may cause you. NMHC has a robust privacy and security program, including encryption of laptop computers. To help prevent something like this from happening again, NMHC is confirming and ensuring encryption of all laptop computers and reinforcing education with our staff on the importance of handling patients’ information securely.

Please click here to download Notice About Stolen Laptop (PDF).

Category: Uncategorized

Post navigation

← PA: Police investigate hacking threat against Pine Forge Academy
Mercy Medical Center Redding Oncology Clinic notifies patients of privacy breach (updated) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
  • Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY)
  • Cyberattack puts healthcare on hold for hundreds in St. Louis metro
  • Europol: DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants
  • DOGE aims to pool federal data, putting personal information at risk
  • Privacy concerns swirl around HHS plan to build Medicare, Medicaid database on autism

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.