June 22 — chi St. Luke’s Health-Memorial Lufkin announced today that it has taken litigate after becoming aware of an incident that took position on April 23, 2020 in which an unapproved third party gained access to patient information. Though we make no evidence to confirm that info was actually viewed or obtained by the unknown outside party, chi St. Luke’s Health-Memorial Lufkin is providing observation of this event to potentially impacted individuals as well as certain regulators out of an abundance of caution. What Happened? On April 23, 2020, we discovered that patient information in two employee email accounts could have been accessed by an unapproved outside party. Though we hold no evidence to confirm that information was actually viewed or obtained by the individual, we cannot totally rein it out as a possibility. We discovered the potentiality exposure as we were investigating a security event involving 1 of our servers, which we learned about on march 25, 2020. The information that may experience been accessed included patients names, diagnosis, dates of services, and facility account number. Based on the circumstances there is no evidence that any other information was accessed or that patients information has been used inappropriately. chi St. Luke’s Health-Memorial Lufkin has established a call snapper with its partner, Kroll, to assist in answering any questions impacted individuals may have. For more information, call at 1-844-961-2413, Monday through Friday from 9:00 a.m. to 6:30 p.m. Eastern Time, excluding major U.S. holidays. What We are Doing. CHI St. Luke’s Health-Memorial Lufkin is committed to protecting the security and confidentiality of our patients protected health information. An internal investigation was launched by the chi St. Lukes threat management team, and vendors were engaged to conduct a forensic investigation. The investigation included engaging forensic experts, interviewing employees, reviewing data and access logs, conducting threat intelligence analysis, and reviewing various data file types in order to determine what if anything had happened. The patients electronic health records were not involved. chi St. Luke’s Health-Memorial Lufkin has taken steps to corroborate that its network remains secure, and it is continuing to work with law enforcement and forensic experts. Additionally, chi St. Luke’s Health-Memorial Lufkin has reset word across the facility, replaced and upgraded hardware, made changes relating to software, and changed processes for accessing the network. What You can Do. chi St. Lukes health encourages individuals to stay vigilant against incidents of indistinguishability theft and fraud, to brushup their bank and credit statements, and to monitor their credit reports for suspicious activity. Under U.S. law individuals are entitled to one loose citation story annually from each of the iii major credit reporting bureaus. To order a unloose citation report, visit�www.annualcreditreport.com�or call, toll-free, 1-877-322-8228. Individuals may also tangency the three major citation bureaus directly to asking a free copy of their credit report. Additionally, certain individuals affected by this incident may be eligible for Experian credit Monitoring at no cost for up to a year. For more information about protecting personal information, impacted individuals may contact the FTC for resources. Source: chi St. Lukes health monument