University of Missouri Health Care announced Friday it had recently identified and addressed a data security incident involving patient information.
On Aug. 28, MU Health Care completed the process of identifying patients with information potentially affected by an email phishing incident, according to a news release. That information may have included names; dates of birth; medical record or patient account numbers; health insurance information; and/or limited treatment or clinical information, such as diagnostic, prescription, and/or procedure information. For some patients, a Social Security number and/or driver's license number was also identified.
MU Health Care's investigation began after learning unauthorized person(s) may have gained access to certain employee email accounts. The investigation determined that the unauthorized access occurred between May 4-6.
MU Health officials said this incident did not affect all MU Health Care patients, but only those patients who had information contained in the compromised email accounts.
According to MU Health Care, there is no indication individuals' information was actually viewed by the unauthorized person(s) or that it has been misused. However, MU Health Care began mailing notification letters to those whose information was found in the affected accounts and is providing complimentary credit monitoring services to those individuals whose Social Security numbers potentially were exposed.
MU Health Care also recommends patients review any statements they receive from their health insurers or health care providers. If they see charges for services they did not receive, patients should contact the insurer or provider immediately.
MU Health Care has implemented additional security enhancements to its email environment and has reinforced staff education regarding how to identify and avoid suspicious emails, according to the news release.
MU Health Care has established a dedicated call center to answer any questions individuals may have about the incident. Individuals with questions can call the call center at 1-888-977-0634. between 8 a.m.-5:30 p.m. Monday through Friday.
Additional information is posted on the MU Health Care website, muhealth.org/data-security-incident.
This article was edited at 12:45 p.m. Sept. 22, 2020, to correct the MU Health Care call center phone number.