Three weeks after announcing that the hospital had been the victim of a cyberattack, Eskenazi Health is warning its employees, contractors, current and former patients and suppliers to monitor their financial accounts for any suspicious action.
Hospital officials initially said they did not believe employee or patient information was compromised in the attack, which occurred on August 4.
But on Tuesday, Eskenazi Health said in a press release that officials later learned that some data was “obtained by bad actors” and posted online. Forensic experts have identified the records and are now reviewing them for any personal information.
Indiana Department of Health:Cyber security firm defends decision to access state health department data
If the health network learns that someone has had information stolen, it will notify those affected and offer them credit protection and monitoring services, the statement said. However, so far there is no evidence that the breach led to bank or credit card fraud.
Eskenazi Health added that the hospital did not plan to make any payments to the bad actors and that its system was working as it should. The Federal Bureau of Investigation has been notified and is investigating the incident, hospital officials said.
COVID in Indiana:Indianapolis health executives worried as hospitalizations for COVID strain critical care
While the hospital was under a diversion for a few days after the attack and some elective procedures were postponed, Eskenazi Health is currently open and operational.
The health system website is up and running, but the Marion County Public Health Department website is down following an incident related to the cyberattack, Eskenazi spokesman Todd Harper said. , in an email. Marion’s Health & Hospital Corporation oversees both entities.
Hospital officials said in a press release that anyone concerned about the disclosure of their personal information can get a free credit report through any of the three credit bureaus, Equifax, Experian or TransUnion.