Memorial Hospital at Gulfport (Miss.) sent letters to roughly 30,000 patients Feb. 15 notifying them of a data breach, according to the HIPAA journal.
The hospital discovered an employee's email account was victim to a phishing attack Dec. 17, 2018. Memorial Hospital quickly acted to secure patient information and determine the extent of the breach.
During the investigation, Memorial Hospital learned the employee responded to a phishing email Dec. 6, 2018, which gave an outside third-party access to patients' protected health information available in the email and email attachments.
Information affected in the breach included names, dates of birth, health insurance information and medical services. A limited number of Social Security numbers may have also been exposed.
Memorial Hospital is offering credit monitoring services to patients' whose Social Security numbers were compromised. The investigation is ongoing. The hospital expects to contact additional patients in the coming weeks, the HIPAA Journal reports.