Expand / Collapse search

Beaumont says 2,700 people scheduled a vaccine appointment using "backdoor" pathway

By Jack Nissen
Updated  February 1, 2021 9:27pm EST
Technology
FOX 2 Detroit

Beaumont hospital says thousands of people who may have not been eligible for a COVID-19 vaccine "cut in line" after a security breach in its website.

Someone took advantage of a "scheduling tool vulnerability" on the hospital's website Saturday and shared an unauthorized scheduling pathway to others.

Hacker gets into Beaumont scheduling, leading to 2,700 extra COVID-19 vaccine appointments

Beaumont Health is canceling thousands of unauthorized COVID-19 vaccination appointments after someone found a way to hack into the hospital's scheduling system and shared it publicly.

The breach allowed 2,700 people to register for an unauthorized vaccine appointment.

"These appointments violate the ethical distribution framework Beaumont created based upon the State of Michigan's mandatory vaccine guidelines. We regret 2,700 people in our community became victims of this unfortunate incident. We remain committed to vaccinating as many people as possible who meet the State's guidelines," Beaumont Health Senior Vice President & Chief Information Officer Hans Keil said.

The incident was first reported when "unusual activity" related to the hospital's scheduling system was detected Saturday. 

The people who took advantage of the "unauthorized 'backdoor' pathway" were informed that their appointment had been canceled.

The online infrastructure that Beaumont uses is run by Epic, an electronic medical record systems company based out of Wisconsin.

The hospital said no one's personal medical records were compromised and it didn't allow anyone outside to access hospital records.