Unauthorized third party may have gained access to company email accounts

Texas Health Resources, a US healthcare group with 29 hospitals across northern Texas, has alerted thousands of patients to a potential data breach that may have resulted in their personal details being compromised.

Issuing a security alert last week, Arlington-based Texas Health said an unauthorized third party may have gained access to some of the company’s email accounts in October 2017.

A subsequent investigation determined that some patients’ information may have been in the affected email accounts, and may have included names, medical record numbers, dates of birth, addresses, insurance information, clinical information, and in some instances Social Security numbers, driver’s license details, and state identification numbers.

Texas Health received notice of the potential breach back in January, during which time the authorities asked the group to refrain from contacting their patients, so as not to impede the investigation.

“We respected law enforcement’s request and began our own internal investigation, including hiring a leading forensic firm to assist us,” the non-profit stated. “Law enforcement has now indicated we could notify our patients regarding this incident.”

According to local press reports, the incident affected fewer than 4,000 Texas Health patients that received care and treatment primarily in 2017.

“We have no indication that any information has been misused in any way,” the group said. “However, in an abundance of caution, we mailed letters to affected patients on April 13, 2018, and established a dedicated call center to answer any questions they may have.

“For those patients whose Social Security numbers were included, we are offering one year of free credit monitoring. We recommend affected patients review any statements they receive from their health insurer.”