DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

MO: Black River Medical Center notified patients whose information was potentially accessed

Posted on June 20, 2018 by Dissent

Black River Medical Center in Missouri has sent notification letters to an unspecified number of patients potentially affected by a phishing incident discovered in April.  Here is their June 13 notice from their web site:

Black River Medical Center has become aware of a potential data security incident that may have resulted in the inadvertent exposure of some patients’ personal information.  Although at this time there is no evidence that patient information was actually accessed or viewed, or any indication that anyone’s information was actually misused, we have taken steps to notify any patients who may have been affected by this incident.  This includes sending letters to anyone whose information might have been exposed.

On April 23, 2018, we discovered that an employee’s email account was compromised as the result of a phishing attack.  Our IT department immediately commenced an investigation to determine whether sensitive information in the account was at risk.  The investigation determined that an unknown, unauthorized third party gained access to the employee’s email account and could have viewed or accessed the information contained therein, which included patients’ names, addresses and phone numbers, and in certain instances, limited treatment information. Fortunately, Social Security numbers or financial / billing information were not involved in this incident.

At this time, there is no evidence that the unauthorized party actually accessed or viewedany patient information in the email account, and Black River is not aware of any misuse of patient information. Notification letters mailed on June 13, 2018, include additional information about what occurred and a toll-free number that patients can call to learn more about the incident. The call center is available Monday through Friday from 7:00 AM and 7:00 PM Central, and can be reached at 1-800-939-4170.  For more information, you may also visit https://stage.myidcare.com/BlackRiverMedicalCenter.

The privacy and protection of patient information is a top priority for Black River Medical Center, which regrets any inconvenience or concern this incident may cause.

The incident is not on HHS’s public breach tool at the time of this blog post.  Whether that is a function of less than 500 patients being notified or just due to some delay in posting on HHS’s part is not yet clear.

Related posts:

  • Updating: CaptureRx incident impacted more than 2.4 million. List of Entities.
  • Victims of W-2 phishing scams (2017 list)
Category: Health DataPhishingU.S.

Post navigation

← Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don’t)
Email providers blacklist oregon.gov, now state can’t email some members of the public →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.