Concord, Calif.-based VEP Healthcare, an emergency medicine and hospital staffing firm, began notifying patients of a data breach after email hacks left patients' data exposed for more than a year.
A portion of VEP email accounts were accessed by an unauthorized party after cybercriminals launched a phishing attack at the staffing firm, according to a data breach notice reported April 13.
A forensic investigation discovered on March 11 that the affected email accounts were accessed Between Nov. 19, 2019, and Jan. 20, 2020.
Data that has been breached contained personal information, but it is unclear what specifically was included. VEP also said there is no evidence that any of the data has been misused.
In response to the data breach, VEP is offering affected individuals a one-year identity theft protection service through IDX, which includes 12 months of credit and cyber scans, a $1 million insurance reimbursement policy and fully managed identity theft recovery services.
Becker's Hospital Review reached out to VEP Healthcare and will update the article with any additional news.