MAINE, USA — A large health provider in southern Maine says the personal health information for thousands of its patients may have been exposed in an email data breach.
According to a press release Tuesday, Nov. 5, InterMed, P.A. first learned about the unauthorized access to one of its employee’s email accounts on September 6.
The company says it took immediate action to secure the account and hired a nationally recognized forensics team to conduct a comprehensive, independent investigation.
The investigation found that three other employee email accounts were also hacked between Sept. 7 and Sept. 10, 2019.
As a result, InterMed says it reviewed the messages and attachments in the email accounts and found they contained the information of roughly 30,000 of its patients.
The information included patient names, dates of birth, health insurance information and clinical information.
The company said only a limited number of patient Social Security numbers were exposed.
InterMed says it will mail notification letters to all potentially impacted patients on Tuesday, Nov. 5, 2019.
The company says this security breach did not involve InterMed’s electronic health record system and did not impact all InterMed patients.
InterMed has offices in Portland, South Portland, and Yarmouth.