UnityPoint Health says a phishing attack on its email system could have compromised the health and personal information of 16,000 patients.
The Des Moines Register reports that the system discovered on Feb. 15 that a phishing attack had affected some employee email accounts.
A letter sent to patients on Monday says accounts may have been accessed between November 1st and February 7th.
Patients’ information that may have been exposed included medical record numbers, diagnosis and treatment information, lab results, insurance information, names and dates of birth and some Social Security numbers and other financial information.
Patients have been advised to contact health insurance companies for a current report of all services paid.
Patients may also call 855-331-3612 to see if their information was compromised.