Former Nuance Employee Accessed Data of Over 1 Million Patients from Prominent Pennsylvania Healthcare Provider Geisinger
What happened in the Geisinger data breach?
Geisinger, a large non-profit healthcare organization serving over 1.2 million people in Pennsylvania, recently announced a data breach involving a former employee of IT services provider Nuance.
In November 2023, Geisinger detected that a former Nuance employee had accessed patient records from Geisinger’s database without authorization. Nuance was promptly informed and disconnected the employee’s access.
An investigation revealed the employee had accessed the information just two days after being terminated from Nuance. Law enforcement authorities were alerted and the individual was arrested and charged for their actions.
“On Nov. 29, 2023, Geisinger discovered and immediately notified Nuance that a former Nuance employee had accessed certain Geisinger patient information two days after the employee had been terminated,” reads the announcement.
What information was compromised?
The breach exposed the following personal information of potentially more than 1 million Geisinger patients:
- Full name
- Phone number
- Date of birth
- Address
- Medical record number
- Admit and discharge codes
- Facility name abbreviation
- Race and gender
However, financial details like insurance information, credit card or bank account numbers, and Social Security Numbers were not believed to have been compromised.
Ongoing impact and response
As the full intent and any subsequent spread of the stolen data are unknown, those impacted are advised to monitor for any suspicious activity. Legal experts suspect the former employee may have acted out of spite to damage the organizations.
Geisinger notified those affected and recommended vigilantly checking statements for unfamiliar entries and alerting health insurers if any issues arise. A class action investigation is also being conducted against Geisinger to determine the full scope.
The Geisinger data breach highlights the ongoing risk of insiders abusing system access, even after termination, and underscores the need for strong access controls, monitoring, and incident response plans. Affected individuals should take the recommended precautions to protect their medical and financial information.