HealthITSecurity reports that Texas-based St. Luke's Health has disclosed experiencing a third-party data breach involving consulting services vendor Adelanto Healthcare Ventures, which has impacted 16,906 patients. AHCV identified a compromise of two employee email accounts in November 2021, and while the initial investigation revealed the absence of leaked protected health information, a further review showed that St. Lukes Health PHI was exposed, with St. Luke informed about the new findings in September. Patients' names, birthdates, addresses, Social Security numbers, Medicaid numbers, service dates, and medical record numbers, as well as clinical details may have been compromised by the breach. No evidence of data misuse has been identified so far and various security controls have already been adopted by AHCV since the incident. "We apologize for this event that occurred with one of our vendors, and regret any concern that this issue may have caused," said St. Luke's Health in its notice.