The health information of several patients was exposed following two phishing attacks at the Children’s Hospital of Philadelphia (CHOP).
The hospital announced a hacker gained access to two email accounts on Aug. 23 and 29. The email accounts contained “some” health information of patients within its neonatal and fetal programs. Information that may have exposed included: patient names, date of birth and clinical information related to neonatal and/or fetal care provided at the CHOP or the Hospital at the University of Pennsylvania.
“These incidents affected a limited number of mothers and babies and did not include the Social Security numbers or financial and credit information of any patients or their parents,” the hospital said in a statement. “While we are not aware of any actual or attempted misuse of patient information related to these incidents, on October 23, 2018, we mailed letters to patient families who had health information contained in these email accounts.”
The hospital is encouraging affected patients to review statements received by their healthcare providers and report any suspicious activity listed. Additionally, the hospital said its “taking significant measures to provide enhanced levels of security of our email system” to prevent another attack.