Baystate Medical Center reportedly suffered a data breach possibly impacting 12,000 patients.

The Springfield, Mass.-based hospital told patients that between Feb. 7 and March 7, 2018, several employee email accounts were compromised after a worker was victimized by a phishing scheme giving an unauthorized person access to their accounts.

Baystate said the accounts were quickly locked down, but not before certain patient information was exposed. This included patient names and dates of birth, health information (such as diagnoses, treatment information and medications), and in some instances health insurance information, Medicare numbers and Social Security numbers.

Baystate said its medical record database was not accessed and the hospital does not believe the compromised information has been used. “This incident did not affect all Baystate patients, and we have no indication that any patient information was actually acquired or viewed, or that it has been misused,” hospital officials said in a release.

Masslive.com reported that 12,000 patients were affected.