In a letter dated December 10, George Gati, Privacy Officer for LAGLCSC, writes that forensic investigators found no clear proof that information was actually accessed or acquired as a result of this attack, but it potentially exposed name, contact information, medical or healthcare information, date of birth, credit card information, Social Security number and health insurance account number.
“Immediately upon learning of this criminal attack and the potential exposure of private patient information, the Center took action,” Gati notes. “Specifically, upon learning of the potential of this incident, we promptly took the following actions: (i) curtailed the intrusion; (ii) hired numerous experts, including two leading national forensic investigation firms, to help us investigate the situation and determine the individuals and information potentially affected; and (iii) began the process of notifying potentially affected individuals.
Those affected were also offered free credit monitoring services provided by Experian.
You can read the full notification letter here (pdf).