On April 4, 2023, Maimonides Medical Center (“MMC”) discovered unauthorized access to patient information on one of its servers.
Investigation revealed that the hacker had access to the server from March 18, 2023 to April 4, 2023. Information that might have been accessed included names and addresses and limited clinical information, including diagnosis and treatment information. “In a small numbers of instances, social security number could also have been involved,” MMC wrote in a statement.
MMC notified 33,000 potentially impacted patients for whom it has a valid mailing address and is providing free credit and identity monitoring for 24 months to anyone whose information may have been involved.
MMC’s full statement can be found on its website. It makes no mention of any ransom or extortion demand.