A cyberattack last July on Macon, Ga.-based Navicent Health's employee email account system may have affected 278,016 patients' personal information, Spamfighter reports.
The health system launched an investigation after becoming aware of the security incident last summer. On Jan. 24, Navicent Health determined affected email accounts contained patients' personal information, including names, dates of birth, addresses, limited medical information and a limited number of Social Security numbers.
The cyberattack did not affect the health system's EHR system or network; it was limited to the employee email accounts, according to the report. Navicent Health has notified all patients affected by the cyberattack and is offering free identity theft protection services to patients' whose Social Security number may have been compromised.
"We take our responsibility to safeguard personal information seriously and apologize for any inconvenience or concern this incident might cause," the health system said in a news release. "We are committed to taking steps to help prevent something like this from happening again, including evaluating additional platforms for educating staff and reviewing technical controls."