An unauthorized individual gained access to the email accounts of two employees at Kaiser Permanente in Oakland, Calif., the health system announced in a notice on Nov. 1.
Kaiser Permanente discovered the breach on Sept. 3 and immediately terminated the unauthorized access to the accounts. An investigation was launched to assess the scope of the incident.
The investigation revealed that the compromised email accounts contained patient information, including names, dates of birth, medical record numbers, and certain medical details. Kaiser noted that no Social Security numbers or financial information were involved in the breach.
Although the health system did not disclose the number of affected patients, it stated that there is no evidence of any misuse of the exposed information. Following the incident, Kaiser Permanente reset the passwords for the affected employees' accounts to enhance security.