Sacred Heart Rehabilitation Center, a drug and alcohol addiction treatment facility in Richmond, Mich., is notifying "a limited number of patients" after a phishing scheme compromised an employee's email account in April, MLive reports.
An investigation into the incident determined the compromised account stored some patients' protected health information, including full names, addresses, health insurance information, medical treatment information, medical diagnostic information and Social Security numbers. Sacred Heart is not aware of any identity theft or improper use of information as a result of the breach.
It's unclear how many individuals were affected by the incident, but MLive notes that Sacred Heart treated 7,000 patients in 2018.
Sacred Heart officials told MLive the center is "committed to maintaining the privacy and security of patient information The rehabilitation center retrained employees on proper email security practices after the incident.