Four employees of Middlesex Hospital in Middletown, Conn., fell victim to an email phishing scam, which may have breached protected health information of 946 patients.
The phishing scam occurred Oct. 9 and potentially breached patient names, addresses, birth dates, medical record numbers, medications, dates of service, and/or diagnoses. The hospital says hackers did not gain direct access to full medical records or Social Security numbers.
The hospital says it has notified all patients involved in the breach and is taking necessary steps to help prevent a similar incidence from occurring in the future.
More articles on data breaches:
Cottage Health breach due to exposed server affects 11,000 patients' records
Cybersecurity year in review: 3 key findings from IBM
Lahey to pay $850k HIPAA settlement for 2011 data breach