On April 20, the hospitals learned that malicious code had infected their networks as a result of an unauthorized party gaining access to certain systems between March 31 and April 24.
The systems contained the protected health information of patients, such as Social Security numbers, names, dates of birth, health insurance information, medical information, addresses, and billings and claims information.
Upon learning of the incident, the hospitals suspended user access to the affected information technology applications, executed extensive cybersecurity protection protocols and restricted further unauthorized activity.
Baptist Health is currently mailing letters to all affected individuals.
The number of affected patients is unknown.
