MaineGeneral Health Suffers Mysterious Data Theft

Someone, at some point, transferred records from MaineGeneral Health to an outside, restricted website.

The hospital disclosed the incident on Dec. 8.

The medical center learned from the FBI that certain MaineGeneral data was found on an external website that is not available to the general public.  The hospital is currently working to learn the source and extent of the data breach.

The information compromised may include patients of all MaineGeneral subsidiaries including: MaineGeneral Medical Center, MaineGeneral Rehabilitation and Long Term Care, MaineGeneral Retirement Community, and MaineGeneral Community Care.

MaineGeneral, so far, has confirmed that the data found includes the date of birth and emergency contact name, address, and telephone number for certain patients referred by a treating physician to MaineGeneral Medical Center for radiology services since June 2009.

The data also includes the names, addresses, and telephone numbers of certain employees, as well as similar information for certain prospective donors.

On Nov. 13, MaineGeneral president Chuck Hays got a call from the FBI informing him of the attack, according to Maine Public Broadcasting.

The external website involved in the incident is accessible only to those with a valid username and password.

According to the FBI, the hack was connected to an ongoing investigation.