Evansville, Ind.-based St. Mary's Health has reported a cyberattack on employees' emails, leading to a breach of approximately 4,400 patients' data.
Several employees' usernames and passwords were comproised in an email hack on Dec. 3, 2014, and those emails contained patients' personal information.
Compromised information includes names, birth date, gender, date of service, insurance information, "limited" health information and some Social Security numbers. No individual health or billing records were accessed, according to St. Mary's.
In addition to free monitoring services for affected individuals, St. Mary's is also evaluating ways to enhance its security program and will provide additional education to employees about email hacking attacks.
More articles on data breaches:
Breach victims three times more likely to become identity theft victims
Vandalized warehouse, stolen documents prompt breach notification from Hunt Regional Medical Partners
Medical College of Wisconsin reports breach after laptop stolen from physician's car