CHESAPEAKE, Va. (WAVY) — Chesapeake Regional Healthcare announced in a news release Tuesday that it has informed more than 23,000 patients, donors, and employees about a data security breach.
The security breach happened through Blackbaud, a third-party vendor, on Feb. 7 and may have reoccurred intermittently until May 20. A cybercriminal removed a copy of Blackbaud’s backup file. It may have contained personal information about some Chesapeake Regional Healthcare patients, donors, and employees, like names and addresses. It did not include financial information, according to a news release.
Blackbaud notified Chesapeake Regional Healthcare about the security breach on Sept. 9. They confirmed which patients, employees, and donors were impacted and the healthcare system informed them.
Blackbaud has made several changes to protect data from future instances.