Duncan (Okla.) Regional Hospital notified patients March 4 about a data security incident that exposed 92,000 patients' medical records.
According to the Maine Attorney General's Office, which posts all security incidents involving Maine residents, the hospital discovered the incident Jan. 20 when access to some of the hospital's internal systems became unattainable.
It is unclear whether the incident involved ransomware or data exfiltration.
Upon discovering the incident, the hospital disconnected all systems from external access and implemented incident response protocols.
The impacted patient information includes names, addresses, demographic information, dates of birth and some combination of Social Security numbers, medical records and treatment information, according to Duncan Regional Hospital.
Hospital officials said they will offer credit monitoring and identity theft services to those impacted.