Torrance Memorial Medical Center Monday began notifying some patients that email accounts containing “work-related reports” and personal data were breached at the hospital.

The so-called phishing attack occurred on April 18 and 19, according to medical center spokesman Ed Finn, who said facility personnel, working with third-party forensic investigators, launched an investigation “to determine the nature and scope of the incident.”

“The investigation determined that personal information for certain individuals was present in some impacted emails, but it remains unclear whether emails or attachments containing the information were accessed by an unauthorized person or persons,” according to Finn.

The breach, first revealed publicly Monday, was reported to the California Department of Public Health, the U.S. Department of Health and Human Services and the FBI, he said.

“To date, Torrance Memorial has no evidence of any actual or attempted misuse of information as a result of this incident,” Finn said. “However, the email accounts that were accessed through this incident contained sensitive personal information including names, dates of birth, address information, telephone numbers, medical record numbers, Social Security numbers, health insurance information, and other clinical/diagnostic information.”

Notice letters mailed to “potentially impacted individuals” include offers of no-cost credit monitoring and identity theft protection services for one year, Finn said.

“Torrance Memorial encourages potentially impacted individuals to remain vigilant against incidents of identity theft and fraud, to review account statements, and to monitor free credit reports and explanation of benefits forms for suspicious activity,” Finn said.

The number of potentially affected patients was not immediately disclosed.

–City News Service

Leave a comment

Your email address will not be published.