In New Hampshire, the private information of about 15,000 patients were hacked from a hospital library and eventually posted on an unknown social media platform. The breach happened on October 2015 but it wasn't until November 4, 2016 that the problem was found out.
The person responsible for the breach is a former psychiatric patient at New Hampshire state psychiatric hospital. He was seen using a computer at the New Hampshire Hospital library where he accessed non-confidential information about patients. A library staff reported the suspicious incident to a supervisor. However, no report was filed to the management or to the state to alert them regarding a potential breach.
In August, security officers at the hospital informed the Department of Health and Human Services (DHHS) that the patient might be sharing private information on social media. The DHHS in turn alerted the Department of Information Technology (DIT) but the investigation did not confirm anything.
Finally, in November, the DHHS confirmed that the patient in fact have been sharing private information of patients on social media. The information accessed were some of the most sensitive data on patients.
However, these patients were not from the New Hampshire Hospital. Instead, these patients who have been using services from DHHS such as welfare benefits, child care services, and other health benefit programs.
Still, the data shared are sensitive and could prove harmful to the victims. These include names, addresses, Social Security information, and Medicaid identification numbers.
Thankfully, officials report that the leaked information were deleted within 24 hours of discovery. Also, none of the patients have reported being compromised due to their information being shared on social media.
The DHHS confirmed that there have been no reports of credit card fraud or identity theft so far. However, New Hampshire Governor Hassan officially stated that the incident is being treated with utmost urgency. She also stressed that the recent breach is proof that the nation needs to strengthen its cyber security to protect it from human hackers and human errors.
With the proliferation of cyber hacking and private information leaks these recent years, state agencies definitely have to fortify and modify policies of private information is to limit troubling incidents like this.