Some employees’ email accounts may have been accessed by an unauthorized third party as a result of the attack, hospital officials learned June 21.
Legacy immediately launched an investigation into the incident, which found some patient information may have been contained in the email accounts, including patients’ names, dates of birth, health insurance information, billing information and medical information regarding care received at Legacy Health. In a limited number of cases, Social Security numbers and driver’s license numbers were also included.
The hospital has found no evidence that any of the information has been misused, but as a precaution, it is offering affected individuals credit monitoring services. It also recommends patients review any healthcare statements for services they may not have authorized.
More articles on cybersecurity:
258K individuals affected in 5 yearslong Wisconsin hack, possibly by elected official
Security holes in Maryland’s Medicaid system put patient data at risk, OIG finds
Homeland Security issues alerts for some Philips medical devices
