Health officials in New Hampshire revealed on Tuesday, Dec. 27, that a former psychiatric patient at a state hospital posted thousands of private information on a social media website.
Jeffrey Meyers, commissioner of the state’s Department of Health and Human Services (DHHS), said the patient used a computer in the New Hampshire Hospital’s library in October 2015 to illegally access the personal data of 15,000 individuals who had received services from the department.
During that time, one of the staff of the hospital noticed that the culprit had discovered nonconfidential information on the department and informed a supervisor about it. However, the incident was never reported to the hospital’s management or to the state.
Confidential Information Breach
As early as August of this year, there had been indications that the psychiatric patient may have posted some of the illegally retrieved information online.
A security officer at the New Hampshire Hospital told the state that the individual may have already done so, but no evidence of a breach was found during the subsequent investigation.
The posting, however, was later confirmed after hospital security found that the patient had indeed added the breached confidential information online. They informed authorities about it in November.
Officials said the personal data included the names, addresses, and Social Security numbers of people who had received services from the DHHS. Authorities removed all of the confidential information online within 24 hours and launched a criminal investigation immediately.
There is no evidence that the private data were misused or that any of the banking or credit card information was accessed.
The DHHS is already contacting individuals who may have been affected by the data breach. It also advises any person who had received services from the department before November 2015 to review their bank and credit statements and monitor for any suspicious activity.
Reviewing Computer Systems And Data Policies
Meyers offered an apology to individuals possibly affected by the data breach. He also assured that the DHHS is very serious about handling the privacy and security of its clients’ confidential information.
The DHHS informed clients that steps are being undertaken to find out what happened exactly and to mitigate any of its potential effects. Officials have also begun reviewing the department’s computer systems, procedures and policies.
Jake Leon, a spokesman for the DHHS, clarified that the breached confidential information involved records of clients who received services from the department. They do not include private data of patients at the New Hampshire Hospital.
He said the leaked data included a combination of names, addresses, Social Security numbers or Medicaid ID numbers. It did not include every piece of private information for every affected individual.
© 2016 Tech Times, All rights reserved. Do not reproduce without permission.