Health Information on Patients at Brigham’s Hospitals Now Compromised

Brigham says that an employee’s email account was hacked using stolen credentials but has not disclosed how those credentials were nicked.

In a statement, the hospital center said it learned that “an unauthorized party obtained the network credentials” of one of its employees and enter “those credentials to access that employee’s email account…We determined that the emails potentially contained information for a limited number of individuals including full name, date of birth, medical record number, provider name, date of service, and some clinical information, such as diagnosis and treatment received.”

This incident did not affect the patient electronic medical records system, rather only certain files contained in the single compromised email account.

The incident was reported to HHS on Jan. 11, 2016 as affecting 1,009 patients.