More than 5,000 patients at Sentara Healthcare are affected by a security breach according to a news release. According to the hospital, vascular and thoracic patients seen between the years 2012 and 2015 are affected by the cybersecurity breach. The breach was discovered on November 17 and involves a third party vendor that was breached.

The breach in security had exposed patient information such as their names, medical record numbers, social security numbers, dates of birth, procedure information, medications and demographic information. This is a major breach in the privacy of patients and is in violation HIPAA or the Health Insurance Portability and Accountability Act. According to the act, any company that deals with protected health information must ensure that security measures are in place and followed in order to protect patient information.

Sentara had already notified the patients who were affected by the occurrence. The company has a toll free number where patients can call in with questions. The patients can call from 9 a.m. to 9 p.m. Monday through Friday. According to the release, the vendor in question had told Sentara that it is enhancing its security system according to a report by The Virginian-Pilot.

According to cyber security expert Charles Tendell with Hackerslist.com the hacker probably had gotten into Sentara's system for several years and had been siphoning information. It was not until recently that the breach has been known and security plugged the hole in their system. According to him, the company probably did not have encryption in some parts of the system making it vulnerable to attack.

The good thing that came out of the Sentara Healthcare security breach is that they will be strengthening their security measures. Sentara Healthcare stated in its latest news release that the group continually strengthens its policies and procedures and will continue to invest in technologies to protect its information technology systems according to an article by the WHSV.