(WJET/WFXP/YourErie.com) — Some Allegheny Health Network (AHN) patients may have had their personal information compromised through a recent data breach.
A total of about 8,000 patients may have been impacted by the breach that occurred May 31 through June 1. According to an announcement about the breach, an employee received a malicious phishing email link that led to their email account being compromised. That allowed access to protected health information of some patients.
“There were a small number of instances where social security numbers and financial account information may have been accessed,” the announcement said. AHN is offering two years of identity services through Experian to affected patients.
A bulk of the protected health information included patient name, date of birth, dates of service, medical records/ID number and clinical information (medical history, condition, treatment and diagnosis, address, patient phone number, driver’s license number and email address).
AHN and Highmark Health noted that they don’t believe any of the data had been used fraudulently, but it still planned to notify patients of the breach by mail this week.
When the breach was discovered, AHN shut down the compromised mailbox, used preventative and monitoring controls, implemented network blocking, reset passwords and reached out to the contracted email provider for assistance. AHN also is working with another firm to determine the full scope of the data breach, the company said.