Lurie Children’s Surgical Foundation patients' data breached

Lurie Children’s Surgical Foundation reports that  the personal information of approximately 2,000 patients was exposed due to a security breach within the foundation's billing software.

Those affected by the breach had their Social Security numbers, names, dates of birth, and addresses leaked to an unidentified party. The breach occurred between March 29 and April 14.

Lurie Children’s Surgical Foundation, linked to Lurie Children’s Hospital, is a nonprofit organization that raises funds for specialized surgical procedures like cardiac surgery, fetal surgery, and transplant surgery, aiming to provide essential care regardless of patients' financial capabilities.

The responsibility for the breach lies with NextGen Healthcare, the company responsible for managing the foundation's billing software. Despite ongoing forensic investigations, NextGen is currently unaware of the identity of the unauthorized access.

Notably, NextGen has stated that the breach did not compromise patients' actual medical records, and the company is collaborating with Experian, a credit monitoring firm, to offer the impacted 1,997 patients two years of complimentary consulting services for addressing fraud and identity theft concerns.