Sanford patient data leak

By Elizabeth Shores
Published: Sep. 25, 2023 at 8:24 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

BISMARCK, N.D. (KFYR) - A data leak involving Sanford Medical has impacted more than 21,000 patients whose personal information may be compromised.

Hospital administrators say the breach happened on DMS Health Technologies’ end, the vendor they use for their mobile heart screen trucks.

Kim Burch said when DMS Health Technologies informed her son by letter nearly two weeks ago, she initially thought it was a scam.

“You had to really read it to get the gist of it, and then it goes on to say, ‘He’ll be signed up for credit protection,’ but how are you going to sign him up? He’s 13, he can’t be signed up for credit protection. So it was extremely misleading for a child,” said Burch.

Burch said she decided her son would most likely be fine since it’s been a while since he last visited Sanford, and previous visits have been for routine checkups. However, when Your News Leader told her about DMS’ involvement, she said she didn’t recall it being obvious that DMS had been involved. She said it’s possible she could have missed it.

“I hope that Sanford would not point the finger at somebody else. They obviously contracted or signed with Sanford, so why would they blame somebody else? If I go to Sanford, and my son has an x-ray, that’s Sanford, and it’s Sanford’s responsibility to maintain the confidentiality of my son. I don’t care who they contracted on the other side, it’s Sanford’s responsibility to protect his information,” Burch said.

Sanford hasn’t confirmed if any of its patients’ information has been leaked, but some North Dakotans say they’ve received fraud alerts from their credit card companies since the breach.

Security Advisor Geoff Wiitala from Starlight IT and Security says data breaches like this are often about money.

“You’ve got to remember, for a lot of these threat actors, it’s all about money,” Wiitala said.

He said it’s becoming more common for scammers to target hospitals and conduct ransomware attacks because of the vast amounts of patient data. If the hospital or vendor doesn’t go along with their demands, Wiitala said the hackers are usually good at following through on their word to release patients’ information on the dark web.

So far, we don’t know who was behind the attack or what exactly they did with the stolen information.

Sanford said anyone who’s unsure if their data has been compromised can contact DMS at 866-373-7164 to check if they were among those affected.

We contacted DMS and DMS’ law firm for comment, but they either didn’t immediately respond or declined to answer.

We also asked Sanford for a statement, but they declined.

Previous coverage: Personal information of thousands of Sanford Health patients potentially compromised

Copyright 2023 KFYR. All rights reserved.

Most Read

Ian Cramer, the 42-year-old son of U.S. Sen. Kevin Cramer.
UPDATE: Bond set for Ian Cramer in death of Mercer County deputy
FILE - A newborn baby was safely surrendered to the Safe Haven Baby Box at Beech Grove Fire...
Newborn surrendered to Safe Haven baby box installed in September
Deputy Paul Martin
UPDATE: Full details on incident that led to death of Mercer County deputy; funeral plans announced
Traffic Crash
Car crash involving train in Stutsman County
FILE - A customer pumps fuel at a gas station.
Williston gas station reopening

Latest News

Fire truck sirens generic
Crews respond to structure fire in Sawyer
First News at Six
North Dakota State rolls into FCS semifinals with 45-17 win over South Dakota
Traffic Crash
Car crash involving train in Stutsman County
First News at Six
KFYR First News at Six Sportscast 12/9/23
First News at Six
KFYR First News at Six Weather 12/9/23