Baltimore-based LifeBridge Health is notifying 500,000 patients that their personal information was exposed in a data breach after an attacker gained access to company servers via one of its physician practices.
Patient names, addresses, birth dates, insurance information and Social Security numbers found in the patient registration and billing system were compromised, according to the Baltimore Sun.
The incident was discovered in March 2018 after officials discovered the malware on a server that hosts electronic medical recodes data for the health system’s affiliated physician group and the shared registration and billing system and an investigation found the incident occurred on Sept. 27, 2016.
“LifeBridge Health and LifeBridge Potomac Professionals [Potomac Physicians] take the protection of health information very seriously,” the health system said in a statement. “While we have no reason to believe patient information has been misused in any way, out of an abundance of caution, we are notifying potentially affected patients as well as providing resources for those who have questions or concerns.”
Patients were notified of the data breach by letters sent out last week and will be offered credit monitoring services to those who social security numbers were compromised.