Forsyth, Ga.-based Monroe County Hospital mailed letters to 10,970 patients to alert them that their personal health information may have been exposed, according to the HIPAA Journal.
On March 26, one of the hospital's vendors — Navicent Health — informed Monroe County Hospital that some of the hospital's patient information was affected by a cyberattack. Navicent Health said an unauthorized third party had gained access to several employees' email accounts.
Patients' information that may have been affected included names, addresses, dates of birth, medical record numbers, limited health information, drivers license numbers and Social Security numbers.
Monroe County Hospital sent patients individual letters on May 24. This data breach is part of a much larger cyberattack on Navicent Health that exposed more than 278,000 patients, reports the HIPAA Journal.