Trustpoint Rehabilitation Hospital Confirms Data Breach Affecting Patient Information
Trustpoint Rehabilitation Hospital in Lubbock, Texas, disclosed a security breach that exposed sensitive patient data. The incident, detected after "unusual activity" in its IT systems, occurred between January 16 and February 4. Upon discovery, the hospital secured its systems, launched an investigation with a third-party cybersecurity firm, and notified law enforcement.
The breach involved an unauthorized party accessing files containing patient information, including:
- Names
- Addresses
- Dates of birth
- Medical record numbers
- Health insurance plan member IDs
- Claims data
- Diagnoses
- Prescription details
- Social Security and/or driver’s license numbers
On Friday, Trustpoint began mailing notifications to affected patients. Those whose Social Security or driver’s license numbers may have been compromised are offered free credit monitoring and identity protection services. A toll-free helpline (844-563-2187) and a dedicated website (trhl.ernesthealth.com) have been set up for inquiries.
The hospital advised patients to review healthcare statements for discrepancies and report any unauthorized services. In response to the breach, Trustpoint stated it has implemented additional safeguards and technical security measures to prevent future incidents.
Trustpoint Rehabilitation Hospital of Lubbock cybersecurity rating report: https://www.rankiteo.com/company/trustpoint-rehabilitation-hospital-of-lubbock
"id": "TRU1772491232",
"linkid": "trustpoint-rehabilitation-hospital-of-lubbock",
"type": "Breach",
"date": "3/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Patients (number not specified)',
'industry': 'Healthcare',
'location': 'Lubbock, Texas',
'name': 'Trustpoint Rehabilitation Hospital',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Patients advised to review healthcare statements for '
'discrepancies and report unauthorized services. Free '
'credit monitoring and identity protection services '
'offered to affected individuals.',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (PII and medical data)',
'type_of_data_compromised': ['Names',
'Addresses',
'Dates of birth',
'Medical record numbers',
'Health insurance plan member '
'IDs',
'Claims data',
'Diagnoses',
'Prescription details',
'Social Security numbers',
'Driver’s license numbers']},
'description': 'Trustpoint Rehabilitation Hospital in Lubbock, Texas, '
'disclosed a security breach that exposed sensitive patient '
'data after detecting unusual activity in its IT systems '
'between January 16 and February 4. The breach involved '
'unauthorized access to files containing patient information, '
'including personally identifiable and medical data.',
'impact': {'data_compromised': 'Sensitive patient data, including PII and '
'medical records',
'identity_theft_risk': 'High (Social Security and driver’s license '
'numbers exposed)',
'systems_affected': 'IT systems'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Additional safeguards and '
'technical security measures '
'implemented'},
'references': [{'source': 'Trustpoint Rehabilitation Hospital Notification',
'url': 'trhl.ernesthealth.com'}],
'response': {'communication_strategy': 'Mailed notifications to affected '
'patients, toll-free helpline, '
'dedicated website',
'containment_measures': 'Secured IT systems',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'remediation_measures': 'Additional safeguards and technical '
'security measures implemented',
'third_party_assistance': 'Third-party cybersecurity firm'},
'title': 'Trustpoint Rehabilitation Hospital Data Breach',
'type': 'Data Breach'}