Cheyenne (Wyo.) Regional Medical Center announced March 11 that it has started notifying an undisclosed number of patients about a phishing attack.
In April 2019, hospital official discovered unusual activity in a limited number of employee email accounts. After an investigation, Cheyenne Regional Medical Center determined that an unknown third party had gained access to the email accounts between March 27 to April 8, 2019.
Patient data that may have been exposed included names, dates of birth, Social Security numbers, driver's license numbers, dates of service, provider names, medical record numbers, patient identification numbers, medical information, diagnoses, treatment information, health insurance information and financial information.
Cheyenne Regional Medical Center said there is no evidence that patient information has been misused. Since the incident the hospital has taken additional steps to strengthen the security of its systems, including email accounts.