Gallup, N.M.-based Rehoboth McKinley Christian Health Care Services posted an online notice May 19 to tell patients that some of their protected health information recently had been inappropriately accessed and removed from its computer systems.
In March, NBC News reported that hackers inflicted the hospital's servers with ransomware and stole sensitive employee files, which they then published online. These files included employee job applications and background check authorizations with Social Security numbers, according to the network.
In the May 19 notice, the hospital said it discovered unauthorized activity on its computer network Feb. 16. It then launched an investigation, which found that the hackers had accessed and removed some patient data between Jan. 21 and Feb. 5. Rehoboth McKinley said it identified the patients affected by the incident April 30 and has begun notifying them.
Patient information affected by the cyberattack includes names, Social Security numbers, birth dates, addresses, health insurance details, medical record numbers, billing and claims data and financial account details.
The hospital has upgraded its security systems and is offering free identity monitoring and restoration services to all affected individuals, according to the notice.