An investigation determined that an unauthorized third party had gained access to the employee’s email account between May 4-15. The password for the account has since been changed.
It’s unclear if the unauthorized third party viewed the emails or took patient information. However, Cancer Treatment Centers of America said the email held the protected health information of 3,904 patients.
Patient information that was potentially affected included addresses, phone numbers, dates of birth, medical record numbers, other patient identifiers, medical information and health insurance information.
Eastern Regional Medical Center is providing further training to employees to increase awareness on cybersecurity threats. The medical center is also conducting a review of its email security to ensure an incident like this doesn’t happen again.
More articles on cybersecurity:
Viewpoint: How Amazon Alexa is changing privacy in healthcare
Malware attack disrupts operations at Indiana medical center
Hackers gain access to Vermont ACO email account, possibly exposing data of 25,000 patients