Hackley Community Care in Muskegon, Mich., has notified around 2,500 patients that their personal and health information was exposed during a phishing attack on employee email accounts last September.
Between Sept. 7-24, one employee email account was accessed by an unauthorized user as a result of the phishing attack. Following this discovery, the medical clinic reset the email password for the affected account and launched an investigation.
The investigation confirmed on Dec. 18 that the email account contained personal and protected health information of current and former patients.
The medical clinic said that it has not found evidence that any of the exposed information has been viewed or misused. It is offering a complimentary credit monitoring service through TransUnion to patients that may have been affected.