Another day, another data breach. But in this case, the information that was compromised contained the medical records of children.
Children’s Mercy Hospital in Kansas City, Missouri was victim to a phishing scam that may have compromised the personal data of more than 60,000 individuals. The breach occurred when hospital employees were targeted with emails asking them to log into a phone web site. Many employees took the bait, essentially handing over their usernames and passwords to hackers, who then used the access to extract information from hospital databases.
What will the potential impact be for the children whose personal information was stolen? The data, which contained diagnoses, conditions, and treatment details, is now in the hands of criminals who could use it for malicious purposes. What’s more, this could continue to haunt the children as they grow. Say, for example, that confidential information makes its way onto the Web, searchable for anyone. Could a childhood illness or a pre-existing medical condition become part of someone’s online profile? It’s a disturbing thought, but, as we’ve seen with our recent case against MyLife, information once considered private often isn’t.
To read more about the class action lawsuit filed against Children’s Mercy by patients and their parents, check out this article by Kelsey Ryan in the Kansas City Star: https://www.kansascity.com/news/business/health-care/article214437764.html