Vibra Hospital of Sacramento, LLC recently reported a data breach to the California Attorney General’s Office.
According to their notification, they became aware of suspicious activity in several employee email accounts on March 13. Their investigation subsequently revealed that six employees’ email accounts had been subject to unauthorized access between March 11 and March 22.
A notice posted on Vibra’s website provides some additional details about the event that the site reports as beginning on March 12.
“The types of information contained within the affected accounts may have included patient names, addresses, date of birth, Social Security number, date of medical service, medical diagnosis information, individual health insurance policy number, physician or medical facility information, medical condition or treatment information, Medicare or Medicaid number, patient account, financial account number,” the statement reads.
The total number affected was not disclosed and HHS’s public breach tool does not appear to be updated during the government shutdown.
There may be quite a large number notified, however, as Vibra’s October 3 website notice states, “At this time, we are not aware of any evidence to suggest that any information has been misused. However, we were unable to rule out the possibility that the information could have been accessed. Therefore, out of an abundance of caution, we are notifying potentially impacted individuals of this incident.
Neither the notification letter nor website notice explain how the six employee email accounts were compromised.
