AUBURN, Ind. (WANE) – Hospital officials said some patient’s information was breached after DeKalb Health’s website was hacked.
According to a statement on the hospital’s website, a server from a third party firm used to operate the website was hacked in February of 2014. The hackers had access to 17 people’s names, addresses social security numbers and credit card numbers. Officials said the hacked server was not connected to DeKalb’s patient data system.
In late March, investigators said there may have been an additional database on the compromised server that also contained information about an additional 24 patients, along with approximately 1,320 nursery babies whose parents had agreed to post information and photos of the babies for friends and relatives to see on the Hospital’s “Web Babies” site. The information included: the baby’s name, weight, length, and date of birth; parent names; and the password for accessing the information about the baby on the web.
The hackers also set up a fraudulent website made to look like the donation page for the DeKalb Health Foundation and sent fraudulent phishing emails to get donations, according to officials.
The hospital has since removed its information from the hacked server.
To see DeKalb Health’s full statement on the incident, click here.
The hospital is offered one year of free identity monitoring to anyone who was affected by this incident. Patients may contact the hospital’s call center at (877) 423-0654 with further questions.