The private information of some 5,600 patients of Carolinas Medical Center-Randolph might have been accessed by a computer hacker, according to hospital officials.
Carolinas HealthCare System notified those patients plus, as a precautionary measure, 700 additional patients of the breach, a hospital news release said Friday.
The hacker accessed the information by obtaining incoming and outgoing emails from a provider’s account, according to the release. Officials discovered the security breach Oct. 8, after a security software upgrade.
The psychiatric hospital then hired a forensic investigator and notified federal law enforcement about the incident. An investigation revealed that most of the hacked emails did not contain patient information, the release said.
Five affected emails contained Social Security numbers, and “a number” of the emails included medical and other patient information, the release said. That information included patient names, medical records and account numbers, dates of birth and treatment information.
Officials sent letters to patients affected by the hacking, although they said they had “no evidence that the information has been misused.” As a precautionary measure, CHS is offering affected patients free credit monitoring and insurance services.
Officials have taken several measures to prevent the hacking incident or others like it from happening again, the release said, including using new electronic safeguards and a continuous monitoring system.