Cyberattack on Kalispell Regional breaches patient data

Print Article

Nurses work in the new ER wing at Kalispell Regional Medical Center. (Casey Kreider/Daily Inter Lake FILE)

A data breach at Kalispell Regional Healthcare earlier this year may have compromised the personal information of nearly 130,000 patients, hospital officials reported on Tuesday.

Kalispell Regional said the hackers used fraudulent emails to bait employees into providing login credentials. The hospital did not know the extent of attack, which happened in May, until an outside forensic firm concluded its investigation in late August. A deeper investigation has since identified the specific patients who were affected.

The vulnerable information is different for each patient, but could involve names, addresses, phone numbers, medical bill account numbers, health insurance information and medical history. The hospital estimates about 250 patients may have had their Social Security numbers taken.

Of those affected, 90 percent are Montana residents.

Patients seen exclusively at North Valley Hospital, an affiliate of Kalispell Regional Healthcare, should not be affected. But North Valley patients often receive services from Kalispell Regional Medical Center and could be affected if they have done so, according to Kalispell Regional spokeswoman Mellody Sharpton.

Kalispell Regional is in the process of mailing notification letters to all those affected, which patients should receive in the coming days. The letters will tell patients what types of their personal information might have been taken and will provide steps to protect that information.

The hospital is offering all notified patients complimentary fraud consultation and identity theft restoration services. Certain patients will also receive 12 months of free web or credit monitoring services, depending on that patient’s affected information.

The forensic firm that performed the investigation was not able to track the source of the attack.

“This wasn’t your everyday, average hacker. They were very sophisticated at disguising their tracks,” said Melanie Swenson, director of information technology at Kalispell Regional Healthcare. She added that her department blocks about 50,000 incoming email threats per day.

Since the breach, the hospital has taken steps to minimize the chance of another breach, such as helping employees learn how to identify suspicious emails.

“This is an educational moment. I don’t think people realize how robust” the IT system has to be to handle outside threats, Swenson said.

A 2018 audit by cybersecurity consulting firm CynergisTek found Kalispell Regional was in the top 9% of organizations in the health-care industry for cybersecurity compliance.

“We are committed to protecting patients’ privacy,” Craig Lambrecht, chief executive officer of Kalispell Regional Healthcare, said in a media statement. “In addition, the organization will work with the authorities to hold the perpetrators accountable for this attack against our patients’ privacy.”

Hospital data breaches are becoming increasingly common, according to the U.S. Department of Health and Human Services Office for Civil Rights. Within the last 90 days, 23 hospitals in the United States have reported data breaches affecting at least 500 individuals.

Montana hospitals have experienced 16 “data security incidents” since 2011, the Office for Civil Rights reports, including large data breaches at the Billing Clinic and Bozeman Deaconess Hospital.

For more information, Kalispell Regional is directing patients to call its designated help line at 1-877-514-0850.

Print Article

Read More Breaking News

Flathead Valley man pleads guilty to negligent homicide in boyfriend’s death

December 11, 2019 at 2:13 pm | Daily Inter Lake A Flathead Valley man has pleaded guilty to stabbing his boyfriend to death. Court documents indicate that Ryan Cody Lamb, 35, of Whitefish, entered a plea of guilty by way of Alford plea to neglige...

Comments

Read More

Former commissioner Dale Lauman dies

December 05, 2019 at 1:11 pm | Daily Inter Lake Former Flathead County Commissioner Dale Lauman, who was well-known not only for extensive community service that spanned decades but also for his statesmanship, kindness and compassion, died Wednesd...

Comments

Read More

Authorities make arrest in Bigfork bomb scare

December 03, 2019 at 9:42 am | Daily Inter Lake Law enforcement officials have made an arrest in relation to a bomb threat at Bigfork High School Monday. According to information from the Flathead County Sheriff’s Office, after further investigat...

Comments

Read More

Bigfork High students return to classes following unfounded bomb threat

December 02, 2019 at 10:21 am | Daily Inter Lake Students have returned to classes after Bigfork High School received a bomb threat Monday morning that, upon further investigation, turned out to be unfounded, according to the Flathead County Sher...

Comments

Read More

Contact Us

(406) 755-7000
727 East Idaho
Kalispell, MT 59901

©2019 Daily Inter Lake Terms of Use Privacy Policy
X
X