Medical University of South Carolina reports third party data breach

Patients within the Medical University of South Carolina (MUSC) health system have been impacted by a data breach originating from a vendor working with the Centers for Disease Control and Prevention (CDC) - Westat Inc. a data collection partner of CDC.

Westat sent notifications to MUSC Health patients on October 13, revealing that the breach occurred between May 28 and May 29, while the data was stored on another company's server.

The compromised information may encompass:

• patient names,
• addresses,
• birthdates,
• medical diagnoses,
• provider names,
• insurance coverage.

Westat emphasized that there is no evidence of any illegal use of the exposed personal information.

The exact number of impacted patients at MUSC Health remains uncertain. While Westat reported 7,954 people affected, there may be other impacted individuals.

The details of the breach are not reported, although the dates of the breach indicate that this was a MOVEit related data breach.

Westat, notified federal authorities and the U.S. Department of Health and Human Services about the breach. MUSC Health collaborated with Westat to notify affected individuals.