Names, addresses, birthdays, Social Security numbers, and health insurance information of 45,000 Rush patients have possibly been compromised in a data breach. A contracted employee of Rush’s billing department inadvertently sent a file to a party that was not supposed to receive it. The third-party vendor contract has since been suspended pending an investigation. The breach was noticed on January 22nd and documented within a financial file on the 12th of February, which then led to a patient notice letter on February 25th. Rush is offering free one-year identity monitoring to patients that could have possibly been affected. This is the second incident of information being misused by Rush since the beginning of the year.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased