BJC Healthcare: Another Healthcare Provider Becomes A Malware Victim
BJC HealthCare, a non-profit healthcare firm headquartered in St. Louis Missouri became a victim of malware which is now being blamed for the loss of personally identifiable information, including credit and debit card details of 5,850 patients. BJC HealthCare confirmed the theft of data more than a month ago, November 19. The malware had allegedly intercepted all patient records entered into the system from October 25 until November 19 of all those who received service from BJC HealthCare.
The healthcare institution advised the patients and their family to monitor their bank accounts for suspicious transactions. At the time of this writing, BJC HealthCare has already contacted all the affected patients, this includes assistance from authorities was established. “BJC has no indication to date that any information was actually misused. As a precaution, individuals whose payment information may have been exposed are advised to carefully review credit card and bank statements and immediately contact their credit card holder or banking institution about any inconsistencies or suspicious activity,” explained BJC HealthCare in their official press release.
However, even after the discovery of the malware incident, BJC HealthCare is still claiming to have conformity with the United States Department of Health and Human Services Office for Civil Rights. Notification requirements in full compliance with the law, including custom letters and public website posting to update the victims. They also claim that no social security numbers and medical information were exposed due to the malware attack. BJC HealthCare also assures its current patients that their hospital facilities will continue serving them uninterrupted.
“BJC takes the confidentiality and protection of patient information seriously and regrets any inconvenience or concern this incident caused patients, family members or other individuals making payments through the site. To help prevent a similar incident from occurring in the future, BJC has implemented additional security procedures to enhance protection against malware,” added BJC HealthCare.
It is not disclosed what particular malware infected the BJC HealthCare’s network which enabled confidential information to leak out. They mentioned that U.S. authorities were alerted after the discovery of the incident and they are helping with the investigation.
“Individuals making payments whose data may have been exposed have been mailed a letter explaining what occurred, recommended precautions, and who to contact with any questions. Patient questions can be directed to 844-582-5076, Monday through Friday, 9 a.m. – 5 p.m. Central Time,” concluded BJC HealthCare.
Kevin Jones749 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.