Patients of Trinity Health may have had some of their personal information compromised in a data breach in January.
The health network, which includes Trinity Health of New England, said it was notified by Accellion, a third-party vendor, on January 29 that there was a security issue with its system used for sending secure email.
Certain files on the server were downloaded by an unknown user on January 20, according to Trinity Health. The unauthorized user was able to take advantage of an unknown security flaw in the Accellion appliance, the company said.
The files that were downloaded contained information including patient names, addresses, emails, birth dates, healthcare provider, medical records numbers, lab results, medications, payment, payer names, and claims information.
Some patient infomation also included a social security number or credit card number, according to Trinity Health.
The company said it is unaware of any of the data being misused, but urged those affected to be vigilant.
Trinity Health apologized for the data breach and is offering affected patients free access to identity or credit monitoring services. Letters have been sent to patients affected by the breach.