Beaumont Data Breach Exposes Private Health Information and Social Security Numbers

hospital hallway

 (WWJ) Beaumont Health System informed patients and former patients of a data breach that exposed sensitive personal information, including confidential health details and the Social Security numbers of some.

In a press release, hospital officials said several employee email accounts were hacked by an unauthorized third party. Approximately 112,000 people were impacted, about 5% of Beaumont’s 2.3 million patient population. Hackers accessed the accounts between May 23, 2019 and June 3, 2019.

“Our investigation was unable to determine definitively if any information was actually acquired by the unauthorized third party, and Beaumont has no knowledge of any inappropriate or misuse of data,” the press release stated, “Beaumont’s medical information remains secure…. However, out of an abundance of caution, we are issuing notices to anyone whose information may have been contained in the accessed accounts.”

The electronic medical record system was not affected, according to the health system.

Beaumont said the email accounts contained confidential health data including: name, date of birth, diagnosis, diagnosis code, procedure, treatment location, treatment type, prescription information, Beaumont patient account number, and Beaumont medical record number.

A smaller number of people had Social Security numbers, financial account numbers, health insurance information, driver’s license numbers, and state ID numbers in the impacted email accounts.

Beaumont told WWJ they quickly involved an external cybersecurity firm to conduct an investigation upon learning of the breach. They said they’ve also stepped up security procedures. 

If you have concerns you were impacted or questions; Beaumont has set up a toll-free response line at 888-921-0518. It will be open Monday through Friday, 9:00 am to 6:30 pm.