Notice to our Patients Regarding Cybersecurity Incident
Centura Health takes our role of safeguarding patients’ information very seriously. This notice is to inform our patients of a recent incident that may have involved patient information and the actions we took.
Sometime prior to April 16, 2019, Centura Health experienced a cybersecurity incident involving unauthorized access to one of our employee’s email account. When we learned of this, we immediately terminated the access and began an investigation. A comprehensive forensics review was performed on the email account, and on April 22, 2019, confirmed that the email account contained patient information. That information may have included patient demographic information (e.g., name, date of birth) and/or some clinical information (e.g., medical record number, account number, date of service, treating physician, general description of service or medical device). Social security number, financial information, and health insurance ID/number were not included. Centura Health has reported the incident to law enforcement and will fully cooperate with any investigation. This incident did not affect all Centura Health patients.
We have no evidence that the information in the emails was ever viewed or used in any way. However, as a precaution, Centura Health began mailing letters to potentially affected patients on May 22, 2019. We have established a dedicated call center to assist patients with any questions. If you have questions or if you believe you have been affected but have not received a letter by June 5, 2019 please call us at 1-877-934-0035.
Centura Health took immediate steps to implement and/or reinforce necessary protective measures to help prevent similar events in the future. Those steps included immediately stopping the access, performing an investigation and forensics analysis, requiring the affected employee to immediately change their password, reinforcing education to all employees regarding establishing strong and unique passwords, and continuing to implement enhancements for strengthening the security of its email.
We deeply regret any inconvenience this may cause our patients.
You can obtain further information about fraud alerts and security freezes as well as learn more about the steps you can take to avoid identity theft from these sources:
Consumer Reporting Agencies
Atlanta, GA 30374
P.O. Box 2002
Allen, TX 75013
P.O. Box 2000
Chester, PA 19022
Federal Trade Commission
Federal Trade Commission
(877) FTC-HELP (1-877-382-4357)
600 Pennsylvania Avenue, NW
Washington, DC 20580