Metro Mobility, a transportation service for patients with disabilities in Minnesota, has alerted 15,000 patients that their information may have been exposed in a data breach, according to the HIPAA Journal.
The company discovered Aug. 14 that an employee's email account had been subject to unauthorized access. Upon investigation, Metro Mobility determined hackers had gained access to the email account June 13.
Patient data stored in the email account included names, collection/drop-off addresses, dates and times of services and any special instructions to drivers.
Metro Mobility secured the email account immediately after discovering suspicious activity. The company is unaware of any information misuse.