Email Threatens to Release Illinois Clinic Patient Info

Sender wants Clay County Hospital to pay a ransom to prevent health information from being released to the public.

FLORA, Ill.—Authorities are investigating an email sent to a small Illinois hospital threatening to release patient data to the public unless the hospital paid the sender a substantial amount of money. The threat was emailed to Clay County Hospital Nov. 2, and the message contained protected health information of some clinic patients.

The hospital immediately notified law enforcement and launched an investigation to determine the source and scope of the incident. All affected patients were notified by mail on Monday.

The compromised data was limited to patients who visited a Clay County Hospital clinic on or before February 2012 and is limited to name, physical address, social security numbers and date of birth. No medical information was accessed or disclosed.

“Extensive reviews from outside forensic experts concluded that Clay County Hospital servers have not been hacked and remain secure due to the rigorous security program that meets the standards set by the HIPAA HITECH Act,” hospital officials said in a statement. “In order to prevent future incidents, Clay County Hospital is implementing extra internal security measures. These include additional logging systems and auditing features to track and control data access.”

Affected patients with questions regarding this incident can visit www.myidcare.com/claycounty or call 1-888-281-7040.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

robin hattersley headshot
Contact:

Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo