Level 9
The personal and medical information of 49,351 patients was exposed following a security incident involving two employees' email accounts as disclosed by Minnesota-based Alomere Health.
Alomere Health is a community-owned and non-profit general medical and surgical hospital with 127 beds that has been twice named as one of the Top 100 Hospitals by Thompson Reuters.
The Alexandria, Minnesota-based locally-governed hospital started notifying its patients of the security breach incident on January 3, 2020.
The security breach was discovered on November 6, 2019, when the hospital staff found that an employee's email account was accessed by at least on unauthorized third party between October 31 and November 1, 2019.

After securing the breached account and starting an investigation with the help of a forensic security outfit, Alomere Health found on November 10 that a second employee's email was breached on November 6.

"The investigation was unable to determine whether the unauthorized person(s) actually viewed any email or attachment in either account," the hospital's breach notification says.
"In an abundance of caution, we reviewed the emails and attachments in the accounts to identify patients whose information may have been accessible to the unauthorized person(s).


Staff member
Malware Hunter
Sad news to watch and makes me wonder if 2020 will be a even worse year for the US then 2019 already is.
Alomere Health is now on a long list of healthcare providers impacted by breaches during the last month, with the Colorado Department of Human Services, Sinai Health System, Cheyenne Regional Medical Center, Children's Hope Alliance, and RiverKids Pediatric Home Health being just a handful of the total number.