Electronic health record (EHR) vendor Medical Informatics Engineering and its subsidiary, NoMoreClipBoard, which is a personal health record (PHR) product, notified its EHR clients and PHR individuals that it has been the victim of a sophisticated cyber-attack resulting in the unauthorized access to its system and data. The web-based EMR system information that was breached involved patient data, including names, maling addresses, email addresses, dates of birth, some Social Security numbers, lab results, dictated reports and medical conditions.

The PHR information gathered by individuals about their health information and stored through NoMoreClipBoard that was exposed included names, addresses, usernames, hashed passwords, security questions and answers, email addresses, dates of birth, health information and Social Security numbers. That is the complete treasure trove of the highest sensitive information a consumer has. Those individuals who are notified of this breach should take special care in proactively protecting themselves, including changing their passwords and security questions that may have been used for other sites or purposes.

The companies are offering affected individuals credit monitoring and identity protection services for 24 months.