Southcentral Foundation (SCF) in Alaska recently notified 14,719 individuals after two employees’ email accounts containing protected health information were hacked in October.
According to their statement, SCF first became aware of a possible breach on October 18. Subsequent investigation by outside consultants determined that two employee email accounts had been accessed: one was vulnerable from Oct. 17-18, and the other email account was vulnerable from Oct. 14-18. Both accounts were immediately disabled.
Protected health information of some customers-owners in the email accounts included a combination of the following elements:
- Full name
- Medical record number
- Date of birth and age
- Address
- Phone number
- Social Security number
- Medicaid ID number
- Photographs
- Diagnosis information
- Treatment information
- Dates of service
- Provider name
- Medical history
- Tribal identification/Membership card
- Birth certificates
- Health status information
- Family members’ names, relationships, and phone numbers
SCF is offering all potentially impacted individuals access to credit monitoring and identity theft protection services with AllClear ID.