Indiana data breach hits healthcare providers, radiologists

An Indiana-based electronic health record (EHR) company experienced a data breach back in May, affecting 11 healthcare providers, 44 radiology centers and nearly 4 million individuals.

Officials at Fort Wayne-based Medical Informatics Engineering (MIE) first noticed the breach on May 26, and the FBI investigation is still underway. MIE subsidiary NoMoreClipboard was also part of the incident.

Client information potentially obtained during the breach includes patient names, patient contact information, passwords, security questions and answers, dates of birth, Social Security numbers, lab results, health information, doctor information and more.

The radiology centers involved in the breach are all located in Indiana, Ohio and Michigan. A full list can be found in a statement on the company’s website.

MIE’s statement also explains that the company has been working to fix any potential problems with its security.

“We are continuing to take steps to remediate and enhance the security of our systems,” MIE’s statement said. “Remedial efforts include removing the capabilities used by the intruder to gain unauthorized access to the affected systems, enhancing and strengthening password rules and storage mechanisms, increased active monitoring of the affected systems, and intelligence exchange with law enforcement. We have also instituted a universal password reset.”

The MIE statement also said that only specific parties were impacted by this breach, and they have all been contacted. However, Indiana Attorney General Greg Zoeller believes everyone in the state should use extra caution as a result of the news.

A statement from Zoeller’s office focused on the importance of protecting against ID theft, urging all Indiana residents to put temporary credit freezes in place.

“We are faced with yet another massive data breach putting countless Hoosiers at risk of identity theft and fraud,” Zoeller said in the statement. “People cannot sit back and assume they won’t become a victim of these crimes which are costly, time consuming to fix and can have a long-term impact on your financial stability and credit. Everyone in Indiana should have a credit freeze in place to protect themselves from becoming a victim of identity theft and fraud.”

Last week, one Indiana resident filed a class-action lawsuit against MIE as a result of this breach. The full lawsuit can be read here.