Jefferson Medical Associates in Laurel, Miss., is notifying patients of multiple unauthorized access to their medical records.
The multispecialty clinic reports an unauthorized individual accessed a database on June 1 containing limited patient health information on "a small percentage of patients." The clinic's investigation suggests the individual accessed and copied one of the databases.
Compromised information includes names, birth dates, Social Security numbers, addresses, phone numbers and prescription information.
JMA has secured the database, disabled remote connections and is implementing additional security measures.
Investigators do not believe the unauthorized individual has used any of the information; rather, "it is believed that the individual accessed the database only to demonstrate his ability to do so," according to the clinic's statement.
The investigation also revealed multiple additional remote connections were made to the database between March 25, 2014, and June 1, 2016, but the clinic is unable to determine if any patient information was acquired, accessed, used or disclosed in any way, "but it is possible."
More articles on data breaches:
FTC says LabMD liable for lax data security in 2013 breach, overturns judge's dismissal of case
Athens Orthopedic Clinic reports data breach
Danish authorities report nationwide breach of health information