TACOMA, Wash. - Health systems across the nation and in Washington state have become recent targets of cyber hacking.
In an announcement to its website, MultiCare said a number of past and present employees had their names, addresses and social security numbers stolen in a data breach.
MultiCare said a third party company that prints its W2 and 1099 forms was hacked. The company, Kaye-Smith, said the ransomware attack happened in June 2022. The data breach involved several of its customers, including Tacoma-based MultiCare.
The health system said it was officially notified of the breach and the compromised employee information on September 30.
MultiCare said the third-party company has "seen no evidence, and has no reason to believe, that any of the data was or will be made available to the public."
MultiCare said Kaye-Smith took immediate steps throughout the summer to re-secure the affected data and "instituted a monitoring program to search for any exposure of the data involved in this incident."
In a statement, MultiCare wrote: "MultiCare takes our responsibility to protect the sensitive information entrusted to our organization very seriously. We will remain ever-vigilant to ensure the ongoing security of our patients and our employee data."
The breach comes as Virginia Mason Franciscan Health, serving most of Kitsap County, continues to restore critical IT service to its patients. Its parent company, Common Spirit Health, experienced a ransomware attack earlier in October. Common Spirit Health is the second-largest nonprofit hospital chain in the country.
A ransomware attack locks users out of systems unless the victim company pays money.
As for MultiCare, during the week of October 17, Kaye-Smith is sending letters to all the employees affected by the breach. The company is also offering them two years of free credit monitoring.