Albuquerque, N.M-based Presbyterian Healthcare Services is notifying patients of a phishing attack at the health system that may have exposed their protected health information, according to the HIPAA Journal.
The nonprofit health system discovered June 6 that an unauthorized third party gained access to employees' email accounts. Upon investigation, Presbyterian learned the email account stored information for 183,370 patients.
Patient data that may have been affected includes names, dates of birth, Social Security numbers and clinical and health plan information. Presbyterian is recommending patients check their statements from providers and health plans for signs of data misuse.
Since the phishing attack, Presbyterian has adding security to protect its email system. Employees are now required to undergo annual security training and are sent reminders about cybersecurity threats.