The hospital discovered that an unauthorized third party had gained access to two employees’ email accounts between Aug. 2, 2018, and Aug. 13, 2018. A year later, on Aug. 1, Goshen Health determined that the email accounts stored some patient information.
Patient data found in the email accounts included names, addresses, dates of birth, physician names, health insurance information, limited clinical information, Social Security numbers and driver’s license numbers.
Goshen Health said there has been no evidence that patient information has been misused. However, the hospital is offering patients complimentary identity theft protection services.
More articles on cybersecurity:
Ransomware attack locks CHI Health providers out of EHR database
Texas healthcare provider pays hackers in ransomware attack
Don’t put cybersecurity on CISOs’ shoulders –– Why board members aren’t doing enough
