Boston-based health care system Partners Healthcare Inc. says personal patient information was revealed by its employees in November in response to “phishing” emails.
Although the health care system, which is affiliated with Brigham and Women’s Hospital and Massachusetts General Hospital, among others, did not reveal the number of patients affected by the incident, news reports said about 3,300 patients were affected.
In a statement Thursday, Partners Healthcare said employees received the phishing emails and provided information in response to them, believing them to be legitimate.
The information provided included names, addresses, dates of birth, telephone numbers and, in some instances, Social Security numbers.
Also revealed was some patients’ clinical information, such as diagnosis, treatment received, medical record numbers, medical diagnosis codes or health insurance information, Partners Healthcare said in its statement.
To date, there is no indication any patient information has been misused, and Partners Healthcare said its electronic medical records system was not compromised.
The Boston-based company, which said it began mailing letters to affected patients on Thursday, could not be reached for further comment.
At least five lawsuits seeking class action status have been filed in federal court in Seattle by policyholders of Premera Blue Cross in connection with the data breach announced March 17 that affected about 11 million customers.