Rush Hospital Data Breach Exposes 45,000 Patients’ Personal Information

A data breach back in January exposed the personal information, including Social Security numbers, of thousands of patients at this Chicago hospital.

Rush Hospital Data Breach Exposes 45,000 Patients’ Personal Information

Image via iStock

A data breach at Rush University Medical Center in Chicago, Ill., exposed the personal information of approximately 45,000 patients.

Rush System Health revealed in a quarterly report that it learned of the breach on Jan. 22, reports CBS Chicago. It believes an employee of a third-party vendor provided someone with unauthorized access to system files.

Data inside the files included addresses, Social Security numbers, birthdates and health insurance of patients. Medical information or details on treatment, however, were not stolen.

After the discovery, Rush launched an internal investigation, reports Finger Lakes Times. The hospital says that to its knowledge, the information was not misused.

Hospital officials say they have suspended its contract with the vendor and is working to prevent future breaches.

“Although Rush is not aware of any misuse of information arising out of this incident, we are providing notice of the incident to all potentially affected individuals as well as providing notice to the Department of Health and Human Services of Civil Rights,” the quarterly report said.

Letters were sent out to affected patients on Feb. 25, who were told they will have 12 months of identity protection services for free.

It also recommended that patients check their credit reports, review their benefit plans with health insurers and consider freezing their accounts.

Last month, Rush Medical Center also accidentally exposed the names of 908 patients when it mailed a letter that was addressed incorrectly, resulting in patients learning names of other patients.

The hospital said the incident was a “low privacy risk.”

“Rush takes this matter very seriously and is committed to protecting patients’ personal information,” a statement from the hospital said.

Data breaches are becoming more common, especially at hospitals, universities and hotels that have high volumes of personal information.

Check out the most devastating cyber-attacks of 2018.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author


Katie Malafronte is Campus Safety's Web Editor. She graduated from the University of Rhode Island in 2017 with a Bachelor's Degree in Communication Studies and a minor in Writing & Rhetoric. Katie has been CS's Web Editor since 2018.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ