Hackers Accessed Server and Stole PHI of Medical Supply Company

Posted by BAS - 23 January, 2014

header-picture

A medical supply company based in Ohio had its servers compromised earlier this year. Hackers gained access to protected health information of approximately 4,200 individuals stored on its servers. This information included names, date of birth, medical diagnosis, order history, telephone number. Credit card information was accessed for a small number of these individuals.

It is reported that the hackers gained access to the servers through an Adobe software product. Malware was installed on the servers which was able to access users’ login information.

The company contacted individuals and reset user IDs and passwords.

BAS employs sophisticated anti-virus software, along with the Tripwire change-management product which would have prevented such breach. BAS has a full-time employee dedicated to watching BAS servers and identifying any changes to BAS systems. This dedication to security change-management protects the personal information of clients’ employees and avoids breaches like the one experienced by the medical supply company.

For more information about BAS’ security practices, contact security@BASusa.com.

Topics: MyEnroll360 Security


Recent Posts

Question of the Week - Allergy Medicine

read more

New Guidance on Tracking Technologies and HIPAA

read more

Enhancing Benefits Administration Efficiency: MyEnroll360's New Hire Waiting Period Management

read more