Johns Hopkins notifying patients whose information was compromised during cybersecurity incident
BALTIMORE - Johns Hopkins is in the process of notifying patients whose information was stolen during a cybersecurity incident in late May, the healthcare system confirmed Monday.
Hackers targeted the commonly used file transfer software "MOVEit", which allowed documents to be downloaded from a server, Johns Hopkins confirmed.
While the incident did not affect all system patients, a review determined that the information obtained varied by impacted individuals, which could include name, address, email address, phone number, date of birth, social security number and more.
The healthcare system started to mail letters to patients whose information was compromised on June 24.
The letter provided steps that people can take to monitor and protect their personal information.
For impacted patients, Johns Hopkins is extending instructions to enroll in two years of free credit monitoring and resolution services. The system has also dedicated a call center to answer patient questions.
The call center number is available at 888-703-9247 on weekdays from 9 a.m. to 9 p.m.
This month, a class action lawsuit was filed against Johns Hopkins by a patient who accused the system of "failing to properly secure and safeguard patients' personal and medical information.
Johns Hopkins suggests patients monitor their accounts for suspicious activity. If something appears wrong, you should report it to law enforcement or a consumer protection agency.