Hackers attacked Oklahoma State University Center for Health Sciences, and some 279,865 individuals have been notified that their protected health information may have been compromised.
The organization learned on Nov. 7, 2017, that an unauthorized party had gained access to data on the computer network that contained Medicaid billing information. The university removed the data from the network and the unauthorized access was terminated; and forensic specialists were called in to help determine the extent of compromise.
The investigation could not determine with certainty whether patient information was accessed, the university told affected patients in a notification letter.
Compromised data included patient names, Medicaid numbers, healthcare provider names, dates of service and limited treatment information, along with one Social Security number. To date, there is no indication of inappropriate use of patient information, according to the university.
“At OSU Center for Health Sciences, we care deeply about our patients,” the notification letter states. “Patient confidentiality is a critical part of our commitment to care, and we work diligently to protect patient information. We apologize for any concern or inconvenience this incident may cause our patients.”
A dedicated call center has been established for patients to get more information, and patients are urged to be on alert for any healthcare services they incur that they did not actually receive from their providers, and immediately contact their providers and Medicaid.
The university is not offering credit monitoring services to affected individuals, since no financial information was exposed; the one individual whose Social Security number may have been compromised was given credit protection services.