Whittier, Calif.-based PIH Health began notifying 199,548 patients on Jan. 10 that their protected health information may have been exposed in a data breach.
On June 18, 2019, PIH Health discovered that a limited number of employees' email accounts had been compromised due to a phishing attack. Upon investigation, which ended Oct. 2, 2019, officials determined that the email accounts had been accessed between June 11 and June 18, 2019.
While unclear what information was stored in the email accounts, PIH Health disclosed that the data of certain current and former patients was contained in the affected email accounts. Immediately after discovering the compromised emails, PIH Health had the employees reset their passwords.
There is no evidence that any patient information has been misused. However, PIH Health has established a toll-free call center for any patients with questions.
"The privacy and protection of private information is a top priority for PIH Health. PIH Health deeply regrets any inconvenience or concern this incident may cause," the health system said in a statement.