Aultman Hospital reports data breach

Aultman Hospital has initiated the process of notifying patients about a potential data breach resulting from unauthorized access to an employee's email account. Aultman Hospital is a non-profit hospital in Canton, Ohio, United States.

The incident, discovered on April 24, involved the use of the compromised email account to send phishing emails between April 22 and April 24.

The unauthorized access may have exposed personal information contained in emails and attachments, including:

• Names
• Medical record numbers
• Dates of birth
• Addresses
• Patient account numbers
• Health insurance identification numbers
• Information about medical diagnoses and treatments

The number of affected individuals is not disclosed.

While the email account was used to send phishing emails, there is no evidence that the unauthorized user accessed the hospital's electronic health records system. Additionally, the breach did not disrupt Aultman Hospital's services or operations.

Aultman Hospital has begun sending letters to affected patients. Aultman advises affected patients to review statements from healthcare providers and health insurance plans. If they identify any services they did not receive, they should immediately contact the relevant providers and insurers.