Berlin, Md.-based Atlantic General Hospital is notifying patients that some of their protected health information may have been compromised after a ransomware attack took down its IT systems.
On Jan. 29, the health system found encrypted files on some of its computer systems and launched an investigation into the incident.
Through the investigation, Atlantic General Hospital learned that there was unauthorized access to its servers on Jan. 20.
On March 6, the health system determined that the unauthorized user had access to files containing patient and employee information, according to a March 24 release from Atlantic General Hospital.
The files contained the following personal information: names, Social Security numbers, driver's license numbers, financial account information, dates of birth, medical record numbers, referring physician information, health insurance information, subscriber numbers, medical history information and diagnosis and treatment information.
On March 24, the health system said it was notifying all affected individuals, but did not mention how many were affected.
Atlantic General Hospital also said it is implementing additional safeguards to prevent another incident like this from happening.