NorthShore University HealthSystem is informing about 348,000 people that some personal information might have been exposed by a data breach earlier this year.
The ransomware attack on a vendor to NorthShore’s foundation did not access medical records, NorthShore representative Jim Anthony said in a statement.
The breach, which happened between Feb. 7 and May 20, exposed patients’ names, dates of birth, contact information, admission and discharge dates, names and specialties of doctors, and NorthShore’s locations and services, according to a notice published by NorthShore’s foundation,
“Based on the data involved, there is a low risk of harm to affected individuals,” Anthony said.
Blackbaud, the vendor whose system was breached, told NorthShore that no credit card information, bank account information, Social Security numbers or user logins and passwords were accessed. Blackbaud could not be immediately reached for comment.
Blackbaud informed NorthShore of the breach on July 22, the notice stated.
Along with NorthShore notifying those affected by the breach, Anthony said it is also reminding everyone to monitor their accounts for suspicious activity.
Blackbaud has notified law enforcement about the breach, locked out unauthorized users from its system and increased security.