Beaumont disables the scheduling vulnerability that allowed people to ‘get in line’ for vaccinations

The Beaumont Health System’s IT team detected and shut down unusual activities on Saturday related to the COVID-19 online vaccination schedule, the hospital announced on Sunday.

READ: Some Michiganders queuing for the COVID vaccine ahead of the needy

The unusual activity took place on the Beaumont Epic electronic medical record system. Beaumont’s team determined that a user took advantage of a vulnerability in Epic’s scheduling tool and publicly shared an unauthorized scheduling path that allowed 2,700 people to “get in line” and register for an unauthorized vaccine appointment.

Beaumont is canceling all appointments that used the unauthorized route.

Ads

Beaumont notified Epic’s national corporate office so that he could communicate with other health systems to prevent this from happening elsewhere.

Beaumont said that no one’s personal data or hospital records were compromised with the vulnerability. The path simply allowed users to schedule an unauthorized appointment that bypassed Michigan’s current mandates.

“These appointments violate the ethical distribution structure created by Beaumont based on the state of Michigan mandatory vaccine guidelines. We regret that 2,700 people in our community have become victims of this unfortunate incident, ”said Hans Keil, senior vice president and chief information officer for Beaumont Health. “We remain committed to vaccinating as many people as possible who meet the State’s guidelines. We are also notifying the Michigan Hospital Association and other Michigan health systems about this. ”

---

READ: Michigan COVID-19 vaccines: how to find appointments, information on phases