Beaumont Hospital says thousands of people who may not be eligible for a COVID-19 vaccine “cut the queue” after a security breach on its website.
Someone took advantage of a “scheduling tool vulnerability” on the hospital’s website on Saturday and shared an unauthorized scheduling path for others.
Hacker joins Beaumont’s schedule, leading to 2,700 extra consultations of COVID-19 vaccine
Beaumont Health is canceling thousands of unauthorized COVID-19 vaccination appointments after someone found a way to break into the hospital’s scheduling system and share it publicly.
The violation allowed 2,700 people to register for an unauthorized vaccine appointment.
“These appointments violate the ethical distribution structure created by Beaumont based on the state of Michigan mandatory vaccine guidelines. We regret that 2,700 people in our community have fallen victim to this unfortunate incident. We remain committed to vaccinating as many people as possible who serve to state guidelines, “Beaumont Health senior vice president and chief information officer Hans Keil said.
The incident was first reported when “unusual activity” related to the hospital’s scheduling system was detected on Saturday.
People who took advantage of the “unauthorized ‘backdoor’ path” were informed that their appointment had been canceled.
The online infrastructure that Beaumont uses is managed by Epic, a Wisconsin-based electronic medical record systems company.
The hospital said nobody’s personal medical records were compromised and did not allow anyone outside to have access to the hospital’s records.