Lower Bucks Hospital in Bristol Township announced on Monday that it is contacting patients to alert them of a data breach involving a third-party vendor.
Advertisements
The breach, which stems from an incident with Progress Softwareโs MOVEit Transfer platform, has affected users globally.
The hospital stated that its own systems were not compromised in the incident.
The breach was discovered through CBIZ KA, a third-party vendor working with Lower Bucks Hospital. The firm discovered the security issue in its use of the MOVEit Transfer software, hospital officials said.
Advertisements
โLower Bucks Hospital takes the responsibility of safeguarding patient information very seriously, and while its systems were not involved in the incident, CBIZ KA uses MOVEit Transfer to securely transfer data files in the normal course of business,โ according to a statement.
Following the discovery of the breach, CBIZ KA initiated a thorough investigation with cybersecurity experts to assess the extent and impact of the MOVEit vulnerability.
Advertisements
The investigation revealed that the files of certain Lower Bucks Hospital patients were involved, according to the hospital.
The files from the local hospital that were impacted included names, and for some patients, additional details such as dates of birth, addresses, medical record numbers, Social Security Numbers, admission dates, and discharge dates.
The company has since patched the identified vulnerability on the MOVEit Transfer server and has reassessed and strengthened protocols with its vendors to enhance security measures and prevent future incidents, according to the hospital.
Advertisements
To assist affected patients, Lower Bucks Hospital has established a dedicated call center. The center will address inquiries regarding the incident and can be reached at 1-866-547-6909. It operates Monday through Friday from 9 a.m. to 6:30 p.m., excluding major U.S. holidays.
Advertisements
Report a correction via email | Editorial standards and policies
