In October, Conway Medical Center determined that an unauthorized third party had gained access to a limited number of employee email accounts. Immediately, the hospital suspended the unauthorized access and began an investigation.
Patient data that may have been exposed included names, addresses, dates of birth, Social Security numbers, phone numbers, dates of admission/discharge, account numbers and amounts owed. The hospital’s medical record system was not affected.
There is no evidence that patient information has been misused.
“We recommended affected persons activate the protection services offered, and as always, remain vigilant and monitor account statements and credit reports carefully. Individuals should report discrepancies to law enforcement. Fraud alerts and security freezes also can be activated to help protect individuals,” Conway Medical Center said in a statement.
More articles on cybersecurity:
Florida clinic to pay $85K for violating HIPAA records access rule
Wyoming hospitals hit by cyberattacks almost daily, state hospital association says
4 things to know about Zeppelin, a ransomware targeting healthcare organizations
