Macon, Ga.-based Navicent Health began notifying 1,400 patients that their information may have been exposed in a data breach, according to local NBC affiliate WMGT.
The medical center discovered June 24 that an unauthorized third party had gained access to an employee's email account.
Patient data that may have been affected included names, addresses, Social Security numbers, telephone numbers, medical records, insurance information, bank accounts and other personal information.
Navicent Health is offering affected patients free identity theft screenings.
"Privacy and security are a top priority for Navicent Health. Upon discovery of the phishing email, Navicent Health immediately took action to stop the unauthorized access to the account, changed the password and enhanced its security controls. Navicent Health also notified the FBI regarding the matter. Navicent Health is committed to keeping its workforce informed of privacy and security issues and continues to provide privacy and security education to its employees," the hospital said in a statement.