A recent data breach at Loretto Hospital has potentially compromised the personal information of over 500 individuals, sparking concern and an investigation into the incident. According to a report by the Chicago Sun-Times, an unknown hacker infiltrated the hospital's computer network between January 17 and February 1, leading to unauthorized access to files. Loretto Hospital, located at 645 S. Central Ave.. in Austin, commenced a probe upon discovering "suspicious activity involving our computer network."
The U.S. Department of Health and Human Services confirmed that the personal data of no less than 500 people was accessed during the breach. Attempts to swiftly recover and secure the hospital's systems were made, however, some information may have permanently been lost. “We worked diligently to restore and capture as much data and patient records as possible during this downtime, but some records may not have been recovered or fully recreated,” the hospital conveyed in a notice. The hospital is actively reviewing the affected files and has committed to notifying individuals whose information was compromised.
Loretto Hospital's electronic medical record system suffered additional issues following the breach, as certain data inputs on February 2 and 3 failed to save properly. This has raised further concerns about the completeness of patient records and integrity of the hospital's data management systems following the cyber attack. The hospital's efforts to rectify the situation involve a meticulous evaluation of the saved records in an attempt to patch any information gaps created by the system failures.
For those seeking more information or having questions about the impact of the breach, Loretto Hospital has provided contact details. Concerned patients can reach out directly to the email address [email protected]. Additionally, the hospital encourages writing to their Information Systems CIO at the hospital's address provided by ABC7 Chicago. As the investigation progresses, the hospital aims to transparently to determine exactly what information was accessed and taken by the hackers.
