Columbus (Wis.) Community Hospital began notifying patients May 24 that a phishing attack at one of its vendors may have exposed their data, according to Channel3000.
On April 8, OS, a company that provides claims management services for the hospital, became aware of a data breach. Various OS clients' email accounts were exposed in the phishing attack.
Patient information that was in the exposed emails included names, hospital account numbers, insurers, summaries of charges and categories of services. A limited number of Social Security numbers and insurance identification numbers may have also been affected.
Columbus Community Hospital is working with OS to ensure policies are put in place to prevent another data breach. OS is offering those affected access to identity theft restoration services and fraud consultations.