MUSC vendor says credit card info stolen from 7,000 patients - WCIV-TV | ABC News 4 - Charleston News, Sports, Weather

MUSC vendor says credit card info stolen from 7,000 patients

Posted: Updated:

CHARLESTON, S.C. (WCIV) -- Approximately 7,000 patients' credit card information may have been compromised, the Medical University of South Carolina announced Thursday morning.

According to MUSC officials, a third party credit card processing vendor, Blackhawk Consulting Group, reported that the personal information of nearly 7,000 patients who used a credit card online or over the phone was compromised.

Officials said patients who paid for health care services over the phone or the Internet may have had their names, billing addresses, credit card numbers and expirations dates, credit card authorization numbers and email addresses stolen.

Mary Ellen Callahan, an attorney for Blackhawk, said two other Blackhawk clients were affected by the security breach, which compromised the personal information of 3,000 other people. Callahan said neither client was located in South Carolina.

When MUSC learned of the event on Aug. 22, the online payment option was immediately suspended and Blackhawk began to investigate the intrusion," the hospital said in a statement. "As always, safe and secure information remains a top priority and MUSC implemented a notification process for affected individuals to share the details of this crime and advise them on what steps they need to take now."

MUSC officials said no patient medical record information was accessed during the theft and the Federal Bureau of Investigations has been notified. They also said social security and date of birth information was not compromised.

Dave Flagg and his wife are two of the 7,000 people recently flagged for potential financial information theft.

"We've already gone ahead and contacted the bank and gotten rid of the card and gotten a new one with a new number and all so pretty confident that we are ok at this point, but it's pretty upsetting that they didn't mention anything and this happen back in August," Flagg said.

He said they were contacted on Aug. 22 by Blackhawk.

But the medical center had known about the breach for 10 days. MUSC CEO Patrick Cauley said there's a reason for that, though.

"These  things are never that straight forward. You don't just receive a list and you know exactly what happened.  If that was the case, we could disclose immediately," he said.

The hospital said it took time to figure out exactly who was hacked and when.

Ultimately, they learned that affected patients made payments via the MUSC Physicians online payment portal or for an MUSC Physicians or MUSCHealth account by credit card, over the telephone between the dates of June 30, 2013 and Aug. 21, 2013.

MUSC recommends that anyone who believes they may have been affected should contact their credit card company or bank immediately. People who have been affected will receive pre-recorded phone calls giving them more information about the theft.

Officials said Thursday that Blackhawk is working with Experian, the same credit monitoring agency used after millions of South Carolinians' Department of Revenue records were exposed in a hack last year, to offer free credit monitoring.

"You want to make sure you're contacting your bank, your credit union or whoever issuer of that credit card is that you used  with MUSC to see if you want to go ahead and cancel that account or change pin numbers," said Carri Grube Lybarker with the state's Department of Consumer Affairs.

In the meantime, the Flaggs say they are ready to make some changes to protect against cyber-security invasions.

"The medical care is great, I'm not concerned about that, but I would definitely change the way I pay my bills there," Flagg said. "We will probably send it by check or they will have to wait until we are back at the doctor's office to pay it at the doctor's office."
 
An MUSC-based call center will help confirm if you are a victim of this information theft and if necessary, will provide confirmed victims with additional information regarding the credit monitoring service.

More information is available on the MUSC website (www.musc.edu/cyberinfo) and more information will be posted as it is made available in the coming weeks.

The number for the MUSC call center is 843-792-6200 or toll free 1-800-868-5051.            

Most Popular

Stories
Videos

Like Us On Facebook


  • High Profile CasesMore>>

Powered by WorldNow

ABCNews4 WCIV-TV

888 Allbritton Dr.
Mt. Pleasant, SC 29464
843-881-4444 | Advertising Information

Public Information File

For assistance with accessing WCIV-TV's public information file, click here.

Advertising

Advertising Credit Application and Terms and Conditions PDF.

Powered by WorldNow
All content Copyright © 2014 WCIV and Worldnow. All Rights Reserved.
For more information on this site, please read our Privacy Policy and Terms of Service.