By Gina Yarbrough
San Diego, CA–San Diego-based Scripps Health will be mailing notification letters to 147,267 patients of a possible compromised data breach of their health and personal financial information from a malware attack on Scripps’ network.
In the letter, Scripps Health will also provide information, tips and resources on fraud alert protection for affected individuals.
“While there is no indication that any data has been used to commit fraud, we are also providing patients whose Social Security number and/or driver’s license number were involved with complimentary credit monitoring and identity protection support services. We also recommend that affected individuals review any statements they receive from their health care providers or health insurers,” Scripp Health said in a statement.
On May 1, Scripps noticed unusual network activity that affected some of their IT systems.The health system determined that an unauthorized individual gained access to their network and deployed malware. The individual also acquired copies of some of the documents on the systems.
By May 10, Scripps said they were able to access a limited number of documents involved in the incident and, after a thorough review, determined that some of those documents contained certain patient information.
“As the investigation is ongoing, we do not yet know the content of the remainder of documents we believe are involved, though we are working with third party experts to determine those facts as quickly as possible, “ Scripps stated.
Scripps Health notified federal law enforcement about the data breach. They also launched an investigation of the incident with independent computer consulting and forensic firms.
Scripps has established a call center dedicated to answering questions about the breach. The call center will be available Monday through Friday, between 6 a.m. and 6 p.m. Patients can call (855) 535-1822 for more information.