14 DAY TRIAL // Florida's Department of Health issued a notice of data breach detailing the compromise of an employee's Microsoft Outlook 365 account which exposed Escambia, Santa Rosa, Okaloosa, and Walton patients' private information, as reported by WKRG.
The Department of Health conducted an internal investigation which unveiled that the Microsoft Outlook 365 account of the Children’s Medical Services (CMS) employee was compromised and accessed by an unauthorized third party from October 8 until October 16, 2018.
Following this discovery, the employee's login credentials were immediately reset to stop any further attempts of illegally accessing the CMS' computing systems.
Furthermore, the security breach was also reported to the Inspector General and the Security Administration Team for further investigation and for identifying the unauthorized user who infiltrated CMS' systems.
The data breach notification also says that "It is possible that individuals served by the District 1 Child Protection Team may have had their names, psychological, and medical conditions accessed as a result of this incident."
Affected patients were advised to review their credit history for suspicious activity
Luckily, according to the statement issued by the Department of Health, there is no evidence that the "social security numbers, bank accounts, credit cards or other personal or financial information" of affected patients have been accessed.
Also, until now, there was no proof that any of the accessed patient information has been misused in any way until the moment the security breach alert was issued.
However, Florida's Department of Health encourages all patients who received the notice "to review their credit history for any fraudulent or suspicious activities they have not authorized."
This is excellent advice and probably the most important step anyone can take when affected by a data breach, given that the risk of identity theft and credit card fraud increase exponentially after crooks manage to get their hands on pieces of one's personal information.