ECRMC reports data breach
EL CENTRO — El Centro Regional Medical Center on Monday reported the personal information of online job applicants appears to have been stolen from a third party vendor’s server in May.
ECRMC Chief Executive Officer Adolphe Edward made the announcement in an email sent to potentially impacted parties, advising them of the data breach and the hospital’s response.
The job applicants’ stolen personal information included their name, address, phone number, username, password and email information, ECRMC reported.
The information did not include applicants’ Social Security number, health information or financial information, Edward stated in the email announcement.
In late August, Jobscience, a vendor ECRMC contracts to help process job applications, reportedly advised the hospital of a potential breach of online job applicants’ information.
In early October, Jobscience then notified ECRMC that it had determined information provided by online applicants had been stolen by an unknown third party, and that the theft had occurred between May 8 and 11, Edward’s announcement stated.
Since then, ECRMC has worked with Jobscience to determine which job applicants were impacted.
“We have confirmed that Jobscience has worked with the Federal Bureau of Investigation and a service provider to investigate the incident,” Edward’s email stated. “Jobscience has also made assurances that they have contained the incident, ended the third party’s access to their system, and remediated the issues that led to the compromise.”
Jobscience’s disclosure to ECRMC about the data breach reportedly was not delayed at the request of a law enforcement agency or as a result of a law enforcement investigation, ECRMC reported.
“To date, we are not aware of any reports of identity fraud resulting from this incident, and we do not have any evidence that suggests that your personal information has been misused,” Edward’s email stated.
The “Notice of Data Breach” email also advised potentially impacted parties to take measures to safeguard themselves against identity theft.
Recommended measures include changing one’s username and password for any accounts that use the same credentials that may have been used when applying for a job at ECRMC on the Jobscience platform.
ECRMC also recommended that potentially impacted individuals review their financial account statements and credit reports closely. Any suspicious activity on an account should promptly be reported to the financial institution or company with which the account is maintained.
ECRMC has also set up a dedicated call center with bilingual personnel to answer questions regarding the incident.
Those who have questions and reside in the United States are encouraged to call (888) 891-0631.
Those potentially impacted individuals who reside outside of the U.S. are encouraged to call (503) 597-7676. The call center will be available Monday through Friday, 6 a.m. to 6 p.m. Pacific Time.
“We understand and value the importance of our staff’s and job applicants’ privacy and confidentiality, and we deeply apologize for any inconvenience or concern that this incident might cause you,” Edward’s email stated.
ECRMC officials did not respond to a request for comment by press time.