Conway (Ark.) Regional Medical Center alerted patients and staff Aug. 23 that an unauthorized third party had gained access to employee email accounts, according to local ABC affiliate KATV.
Hospital officials discovered that employees had fallen victim to a phishing attack in June after noticing unusual activity within the accounts. Conway Regional Medical Center said there has been no evidence that any patient data has been misused.
Data that may have been exposed included names, addresses, Social Security numbers, health insurance information and limited medical information. It is unclear how many patients and staff were affected.
Conway Regional Medical Center is reviewing its security policies to ensure an incident like this does not happen in the future.