Nearly 280,000 Medicaid patient records breached in Oklahoma hack
An unauthorized user hacked into the Oklahoma State University Center for Health Sciences network in November, accessing folders that contained the Medicaid billing information of 279,865 patients.
According to the breach notice, officials discovered the intrusion on Nov. 7. The affected Medicaid folders were removed from the network and third-party access was terminated the next day.
OSUCHS launched an investigation and hired an outside security firm to determine whether the folders were compromised. Officials couldn't rule out third-party access.
The folders contained patient names, Medicaid numbers, provider names, dates of service and treatment information. Only one Social Security number was on the server. Officials said these folders didn't contain medical records.
However, it's important to note cybercriminals can use this type of information for medical fraud.
"For patients affected by this incident, please be alert to any healthcare services you did not receive from any of your providers," officials said in a statement. "If you learn of any services you did not receive, please contact your provider and Medicaid immediately."
OSUCHS began notifying patients by mail on January 5 and established a dedicated call center to field questions from impacted patients. The health system also updated its security features as a result of the hack.
Why cybersecurity is top of mind for forward-looking healthcare orgs.