Partners HealthCare System has begun alerting affected patients following a review into a cyber-attack.
Partners was hacked in November 2014 after a group of workforce members received phishing emails. Responding to the emails created an opportunity for unauthorized access to the workforce members’ email accounts within the Partners HealthCare network.
“When we learned of this, we took steps to secure the email accounts and contacted law enforcement. We also began an investigation into the phishing attack on our organization, including working with an expert computer forensic firm,” said the company.
Following the attack, Partners conducted a comprehensive review of the affected email accounts and found that some of the emails contained patient demographic information. The information included names, addresses, dates of birth, telephone numbers, and, in some instances, Social Security numbers, and some of the patients’ clinical information.
“Importantly, our electronic medical records system was not compromised. Only certain discrete information contained in the compromised email accounts was potentially affected,” it added.
As of April 30, 2015, Partners has begun alerting affected patients.
Partners HealthCare System, Cyber Attack, US