Malware discovered on servers hosting LifeBridge medical records

A previously reported data breach at LifeBridge Health, a Baltimore-based healthcare provider, may have impacted more than 500,000 Marylanders, according to the state’s Attorney General’s Office.

LifeBridge announced in a statement last week that it was sending letters to its patients following a “recent security incident” involving their personal information.

“On March 18, 2018, we discovered that malware infected the servers that hosts LifeBridge Potomac Professionals electronic medical records, and LifeBridge Health’s patient registration and billing systems,” the healthcare provider said.

“Our investigation determined that an unauthorized person accessed the server through LifeBridge Potomac Professionals on September 27, 2016.”

According to the organization, the information potentially accessed may have included patients’ names, addresses, dates of birth, diagnoses, medications, clinical and treatment information, insurance information, and in some instances, social security numbers.

Issuing a consumer alert yesterday, the Maryland Attorney General’s Office said more than half a million Marylanders may be affected by the breach.

One of the largest healthcare providers in Northwest Baltimore, LifeBridge operates four hospitals and a clutch of ancillary health and fitness centers.

“Recent reports of massive data breaches highlight the need for all businesses and, in particular those that hold our health records, to be vigilant about protecting our personal information and health records that are increasingly being targeted by hackers,” said Maryland Attorney General, Brian Frosh.