Data security breach at local neurosurgical center - KPLC 7 News, Lake Charles, Louisiana

BREAKING

Data security breach at local neurosurgical center

(Source: Raycom) (Source: Raycom)
LAKE CHARLES, LA (KPLC) -

A data security breach has occurred at a local neurosurgical center.

The Center for Neurosurgical and Spinal Disorders announced Wednesday that a breach occurred in July.

A hacker gained remote access to the office manager's computer and installed a program that recorded keystrokes and periodically took screenshots of what was being displayed on the computer, according to a news release from Office Manager Courtney Williams.

Screenshots were taken of 823 patients' information, as well as of 311 patients of another practice for whom the Center bills, between the dates of July 7 through July 18.

The screen shots revealed that some patients only had their name displayed, while the screen shots of other patients reflected more detailed information including name, address, phone number, social security number, medical chart information, and billing information. 

The hacking appears to be a foreign cyberattack, Williams said.

The Center has hired an identity theft and restoration firm, Identity Force. Concerned patients may contact Identity Force at 1-877-MYIDFORCE (877-694-3367) or at memberservices@identityforce.com.

Here is the full news release:

Lake Charles, LA – On the morning of July 21, 2016, we detected an unauthorized intruder in one of our computers.  Access to this computer was immediately shut down; subsequently, CNSD’s servers and network were taken offline. CNSD's IT professional, who after performing an investigation, determined that a hacker had gained remote access to the office manager's computer and installed both a program which recorded the user's keystrokes, and a program that periodically took screen shots of what was being displayed on the computer. A subsequent investigation revealed that screen shots of 823 CNSD's patients (along with 311 patients of another practice for whom CNSD bills) were taken between the dates of 7/7/16-7/18/16.  It is unclear whether any of this information was downloaded.  The Federal Bureau of Investigation (FBI) is actively performing a forensic investigation of what appears to be a foreign cyberattack based upon the Cyrillic script language used by the hacker.  The screen shots revealed that some patients only had their name displayed, while the screen shots of other patients reflected more detailed information including name, address, phone number, social security number, medical chart information, and billing information. 
CNSD has taken the following steps in connection with this security breach to preclude future reoccurrences. 
1.    CNSD reported the security breach to the FBI.  Two FBI agents came to CNSD's office and interviewed the owner, office manager, and IT professional.  The FBI has taken custody of the hard drive which was hacked and opened an investigation. 
2.    CNSD sent notification letters to all known patients affected by the security breach. 
3.    After the FBI took the hacked hard drive, CNSD's IT professional put in a new hard drive with a new operating system into the computer at issue, and CNSD hired a separate IT security company to perform a complete examination of all software, servers, computers, routers, firewalls, and office security.  No additional suspicious programs, viruses, spyware, or malware were detected. The security firm has been retained to provide ongoing network security analysis and advanced threat protection.
4.    CNSD will be notifying the federal Office of Civil Rights which monitors security breaches. 
5.    CNSD is notifying the three major consumer credit reporting companies in the United States.  
6.    To protect against identify theft, CNSD has hired an identity theft and restoration firm, Identity Force, to provide free identity theft insurance, identity monitoring, and identity restoration to all patients whose data was accessed, and to answer all patients’ questions.  Questions regarding this matter may be directed to Identity Force, 1-877-MYIDFORCE (877-694-3367) or by email:  memberservices@identityforce.com.

Copyright 2016 KPLC. All rights reserved.

  • More Local NewsNewsMore>>

  • TRAFFIC: All lanes are now open at Ryan and Sallier

    TRAFFIC: All lanes are now open at Ryan and Sallier

    Monday, April 24 2017 1:14 PM EDT2017-04-24 17:14:50 GMT
    Intersection at Ryan and Sallier Streets (Source: Google maps)Intersection at Ryan and Sallier Streets (Source: Google maps)

    Avoid the area of Ryan and Sallier Streets for the next hour due to a traffic accident that is causing road blockage. 

    More >>

    Avoid the area of Ryan and Sallier Streets for the next hour due to a traffic accident that is causing road blockage. 

    More >>
  • Lake Charles Spring Art Walk April 28

    Lake Charles Spring Art Walk April 28

    Monday, April 24 2017 7:31 AM EDT2017-04-24 11:31:12 GMT
    (Source: The Arts Council of Southwest Louisiana)(Source: The Arts Council of Southwest Louisiana)

    Come celebrate the Lake Area's vibrant community during the Arts Council of SWLA's annual Spring Art Walk.

    More >>

    Come celebrate the Lake Area's vibrant community during the Arts Council of SWLA's annual Spring Art Walk.

    More >>
  • 2017 Contraband Days Louisiana Pirate Festival set for May 4-7

    2017 Contraband Days Louisiana Pirate Festival set for May 4-7

    Monday, April 24 2017 7:30 AM EDT2017-04-24 11:30:26 GMT
    (Source: Lake Charles/SWLA CVB)(Source: Lake Charles/SWLA CVB)

    The 2017 Contraband Days Louisiana Pirate Festival will be held May 4-7 at the Lake Charles Civic Center.

    More >>

    The 2017 Contraband Days Louisiana Pirate Festival will be held May 4-7 at the Lake Charles Civic Center.

    More >>
Powered by Frankly