Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireCybersecurity News

Security attack hits Illinois fertility centers

medical-data-freepik1170.jpg
January 10, 2022

The Fertility Centers of Illinois (FCI) has notified nearly 80,000 current and former patients that their information may have been compromised. 


FCI engaged independent forensic investigators to conduct an investigation after becoming aware of an intrusion on its internal systems on February 1, 2021. The investigation revealed that an unauthorized third party had gained access to several FCI’s administrative files and folders containing certain data. Due to the security systems already in place, the investigation indicated that no EMR (electronic medical records) systems were accessed or otherwise compromised due to this incident.


On August 27, 2021, FCI determined that information related to certain FCI patients was included in the set of files accessed by the unauthorized third party, but there wasn’t any actual or attempted misuse of patient information as a result of this incident.


The impacted files contained personal information including the names of some patients, employer assigned identification numbers, passport numbers, Social Security numbers, financial account information, payment card information, treatment information, diagnosis, treating/referring physicians, medical record number, medical billing/claims information, prescription/medication information, Medicare/Medicaid identification information, health insurance group numbers, health insurance subscriber numbers, patient account numbers, encounter numbers, ill health/retirement information, master patient index, occupational-health related information, other medical benefits and entitlements information, other medical identification numbers, pat keys/reason for absence, sickness certificate, usernames and passwords with PINs or account login information, and medical facilities associated with patient information.


Upon learning of the incident, FCI immediately eliminated unauthorized access and brought in independent forensic investigators to investigate and remediate the matter. Since the incident, additional security measures have been taken to further secure access to data, individual accounts, and equipment, including the implementation of enterprise identity verification software. Additionally, all FCI employees have received enhanced training on security practices.


Jake Williams, Co-Founder and CTO at BreachQuest, an Augusta, Georgia-based leader in incident response, says, “It’s not uncommon for medical organizations to store patient data outside of their electronic health record (EHR) system, and it sounds like that’s what happened here. As the article notes, the EMR was not compromised due to unspecified security measures. However, files (presumably on some network share) were accessed by threat actors. It wouldn’t surprise me to learn that the EMR enforces MFA or doesn’t use domain authentication. Organizations should take inventory of where they may have regulated data that may fall outside of normal monitoring and audit controls. Those who don’t perform regular data inventory searches almost certainly have regulated data in their file shares – a location where it is just one phishing email away from compromise.”


“Although the source of the compromise is not known at this time, roughly 80,000 current and former patients’ data from the Fertility Centers of Illinois (FCI) were exposed. FCI has stated that they followed reasonable practices to protect their users and that an administrative account was used to obtain the data. These higher privileged accounts often have access to widespread data and act as a single point of failure, as evidenced by the large amount of user data exposed,” says Ben Pick, Principal Consultant at nVisium, a Falls Church, Virginia-based application security provider. “Without knowing the cause of the administrator’s account being compromised, the best advice is to limit their access based on ‘need to know.’ When these privileged accounts cannot be limited, then strong monitoring must be enforced. This would alert when anomalous calls are made to indicate when an administrator may be performing an excessive amount of searches and possibly exfiltrating data.”

KEYWORDS: cyber security incident management information security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • stethoscope

    Illinois hospital attributes closure to ransomware attack

    See More
  • hacker

    Ransomware Attack Hits 20 Local Texas Government Agencies

    See More
  • Gambling

    Ransomware attack hits 5 Michigan casinos, shuts them down

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing