NEW ORLEANS — Email messages and attachments containing information on thousands of patients at several LSU medical centers have been exposed by a data breach, a spokesperson said Friday.
Patient information may have included patients' names, Social Security Numbers, dates of birth, phone numbers, addresses, and health insurance information.
Some patients' bank account numbers and medical diagnoses were exposed as well, LSU Health Sciences Center New Orleans' Director of Information Services Leslie Capo said in a release.
"Affected patients and the public are being notified," the release said.
Patients who got care at the hospitals below may have had their private information accessed.
- Lallie Kemp Regional Medical Center in Independence;
- Leonard J. Chabert Medical Center in Houma;
- W. O. Moss Regional Medical Center in Lake Charles;
- The former Earl K. Long Medical Center in Baton Rouge;
- Bogalusa Medical Center in Bogalusa;
- University Medical Center in Lafayette;
- Interim LSU Hospital in New Orleans
"LSU Health Care Services Division sincerely regrets any inconvenience or concern this incident may cause affected patients," the release said. "Out of an abundance of caution, patients who received care at the above hospitals are encouraged to monitor their credit reports for potential identity theft. The website www.identitytheft.gov provides a step-by-step process to respond to, and recover from, incidents of identity theft."
The breach seems to have happened Sept. 15, and it was disabled Sept. 18., the same day it was discovered, the release said. That's when LSU Health began the process of finding out which patients' information has been exposed because of the breach.
"While the exhaustive investigation has found thousands of patients, work continues to discover any others," the release said. "The type and amount of patient information varied by location of care."
LSU Health on Friday was still working to figure out if patients exposed were seen in a specific date range, the release said.
"LSU Health Care Services Division is currently investigating the time frame of the patient information that may have been accessed," the release said.
The breach that exposed patients gained access to a single employee's email inbox.
This is a developing story, and it will be updated with the latest information available. Stick with WWLTV.com for the latest news.