More than 23,000 individuals has sensitive information breached at the Chesapeake Regional Healthcare in Viginia this week.
Those affected by the incident have been notified by first class mail and email, Chesapeake Regional Healthcare said in a statement.
The personal data of 23,058 patients was accessed as a result of a third-party breach which effected the organization, which operates the Chesapeake Regional Medical Center, Outer Banks Hospital, and numerous ancillary healthcare facilities.
Sensitive information including names, mail addresses, email addresses, and demographics, such as donation dates and amounts, were included in the leak.
“Because the cyber-criminal did not access credit card information, bank account information, social security numbers, and other personal identification information, the data breach presents a low risk for identity theft,” the statement added.
The breach occurred as a result of a security incident that affected the donor and fundraising software Blackbaud.
“Blackbaud has assured Chesapeake Regional that they have implemented several changes to protect data from any subsequent incidents,” Chesapeake Regional Healthcare said.
However, this isn’t the first incident or breach reported by Blackbaud.
They reported a different incident in May when attackers took control of the vendors servers and encrypted some sets of data.
In September, separate incidents at two different US healthcare organizations exposed the personal data of more than 190,000 patients.
And in August, the Mines Advisory Group based out of Manchester, UK informed donors that their data may have been accessed by hackers.
They are a non-profit involved in the clearance of landmines in war-torn countries
Interestingly enough, all of the above mentioned organizations had employed services by Blackbaud.