Tennessee Heart Clinic Data Breach Impacted 170,000 Patients

Published on August 07, 2023 .
Penny Min
Penny Min
Author
Image by Thapana_Studio via Shutterstock
Image by Thapana_Studio via Shutterstock

The Chattanooga Heart Institute detected a cybersecurity breach on its IT network in April. Further research established that unauthorized outsiders had accessed the network and copied private patient information. As a result, 170,000 patients were impacted.

The Chattanooga Heart Institute discovered the hacking on April 17, protected its network, alerted federal criminal enforcement, and launched an emergency investigation with help from outside forensics. According to the final discovery, the third-party obtained protected data by accessing the network between March 8 and March 16, made public on May 31.

In a breach notice published on its website, the organization, which has three vascular surgeons and 27 cardiologists at four locations in Tennessee and one in Georgia, said a forensics investigation into the incident had revealed that an "unauthorized third party" had gained access to its network between March 8 and March 16 of the previous year.

"Upon discovering the unauthorized third-party access, The Chattanooga Heart Institute took quick action to protect its systems, contain the incident, begin an investigation and maintain continuity of care."

- Clinic's Breach Notice

The attackers did not immediately access the practice's computerized medical record.

Information exposed in the attack included

  • Patient or Guarantor Names
  • Mailing Address
  • Email
  • Phone Number
  • Date of Birth
  • Driver's License Number
  • Social Security Number
  • Account Information
  • Health Insurance Information
  • Diagnosis and Condition Information
  • Lab Results
  • Medications
  • Other Clinical, Demographic, and Financial Information

In the following weeks, letters will be delivered to 170,000 patients whose data may have been compromised. These patients can also get free identity monitoring services from the Chattanooga Heart Institute.

According to the clinic, as each file is thoroughly reviewed, notification letters to anyone whose data may be affected will be delivered via U.S. mail.

Resources:
  1. The Chattanooga Heart Institute. THE CHATTANOOGA HEART INSTITUTE NOTICE OF DATA SECURITY INCIDENT.
  2. DataBreaches. The Chattanooga Heart Institute to notify 170,450 about March "data security incident."
  3. Department of Health & Human Services. Karakurt Threat Profile.
  4. BankInfoSecurity. As Attacks on Healthcare Continue, Feds Warn of New Threats.

More from News
14-Year-Old Dies After Completing the 'One Chip Challenge'
Michelle Obama Co-Founds Company to Improve Kids Nutrition
Lead Poisoning From Ayurvedic Medicines Is Possible
EGCG in Green Tea May Treat Uterine Fibroids
Eating a Handful of Wild Blueberries Daily Improves Memory
Key to Eliminating Medical Racism May Lie in Universal Healthcare
Leave a comment

Your email address will not be published. Required fields are marked