Abilene, Texas-based Hendrick Health System began notifying patients of a cyberattack that occurred last autumn and may have exposed their personal information.
Four key details:
- Hendrick Health System identified a cybersecurity threat Nov. 20 that disrupted IT operations and exposed patient information. The health system notified law enforcement and conducted an investigation, finding that patient information may have been exposed between Oct. 10 and Nov. 9.
- Patients' names, Social Security numbers and demographic information may have been exposed, but electronic health records were not affected by the attack.
- The cyberattack affected only patients of Hendrick Medical Center and Hendrick Clinic in Abilene, Texas. Hendrick Medical Center South, which is also in Abilene, and Hendrick Medical Center Brownwood were not affected by the attack.
- Hendrick Health System began mailing letters Jan. 15 to patients whose information may have been exposed during the attack. The health system set up a confidential call center for affected patients and offered one year of complimentary credit monitoring and identity protection services to patients whose Social Security numbers may have been exposed