DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Einstein Health Network notifies 3,000 patients after web exposure of information

Posted on April 7, 2016 by Dissent

Justin Heinze reports:

Einstein Healthcare Network may have suffered a data breach, they announced Thursday, and they are sending letters home to patients that may have been effected.

The incident involved a website database containing patient information entered into Einstein’s website “Request for Information” form, Einstein said.

 

Read more on Norristown Patch.

EHN posted a notice, linked from their home page, on April 1:

Einstein Healthcare Network is committed to maintaining the privacy and security of our patients’ personal information. Regrettably, this notice is regarding an incident involving some of that information.  This incident did not involve Einstein’s electronic patient medical record systems or any hacking or virus infection.

On February 2, 2016, we learned that a website database containing information entered into our website “Request for Information” form, which contained patient information, had inadvertently been left accessible via the internet.  Upon learning this, we immediately secured the website database and removed it from public view.  We also immediately began an internal investigation and determined that the website database may have contained patients’ names, telephone numbers, reasons for submitting the requests, physicians’ names and health information, if any,  entered into the website form.  The website database did not contain Social Security numbers, financial information, or electronic patient medical records.

This incident did not affect all Einstein patients, but only certain patients who entered information into our website “Request for Information” form prior to February 2016. We have no knowledge that any patient information has been used improperly. However, in an abundance of caution, we mailed letters to affected patients on March 31, 2016 and have established a dedicated call center to answer patients’ questions. If you believe you are affected but do not receive a letter by April 22, 2016, please call 1-844-789-7062,Monday through Friday between 9:00 a.m. and 9:00 p.m. Eastern time.

To help prevent something like this from happening in the future, we have secured the website database and are enhancing our security measures for the website. We deeply regret any concern this may cause our patients.

Related posts:

  • PA: Einstein Healthcare Network Notifies Patients August Email Hack
  • Veterans Administration responds to Freedom of Information request; releases breach reports
Category: ExposureHealth DataU.S.

Post navigation

← FBI: $2.3 Billion Lost to CEO Email Scams
RESOURCE: Bryan Cave 2016 Data Breach Litigation Report →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.