Northwestern Memorial HealthCare says some private info for practically 56,000 donors or sufferers could have been compromised in a latest knowledge breach.
Northwestern reported the incident, involving a cloud-based software program vendor that gives fundraising database administration providers, to the U.S. Division of Well being & Human Providers on Aug. 28.
Blackbaud, the South Carolina-based vendor, notified the well being system in July that an unauthorized particular person gained entry to its methods between Feb. 7 and Might 20, Northwestern mentioned in an announcement this week.
Whereas the incident was not focused at Streeterville-based Northwestern, the person could have accessed info for donors—or sufferers for whom donations have been made—together with names, dates of beginning and a few scientific info, the assertion says. Except 5 folks, Social Safety numbers, monetary accounts and fee info was encrypted and never accessible to the hacker.
“Based mostly on the character of the incident, our analysis and third-party—together with regulation enforcement—investigation, we’ve no motive to consider that any knowledge went past the cybercriminal, was or can be misused, or can be disseminated or in any other case made accessible publicly,” Blackbaud mentioned in a separate assertion, noting all affected clients had been notified and equipped with further info and sources.
Thus far this yr, 11 knowledge breaches in Illinois have been reported to HHS, which requires discover when protected well being info for 500 or extra folks is uncovered.
HIPAA Journal first reported Northwestern was impacted by the Blackbaud breach.