Hopebridge values the privacy and security of our patients’ information. Regrettably, this notice is regarding an incident that may have affected some of that information.
On July 19, 2018, we discovered that an unauthorized actor may have gained access to some Hopebridge employees’ email accounts between March and July 2018. We immediately took steps to secure the accounts and began an investigation to determine the scope of the access, which included retaining a leading third-party forensic firm. Our investigation determined that some patient information may have been contained in the email accounts, including patients’ names and that they received services from, or were referred to, Hopebridge. Based on the activity we have reviewed, the unauthorized access was in an attempt to gain access to select employees financial information and not directly attempting to obtain information relative to patients.
We have no indication that any patient information has been misused. We recommend our patients review any statements related to their medical care. If there are services they did not receive, please contact the provider immediately. We began mailing letters to our patient population on August 31, 2018. Should any patients or their families have questions regarding this incident, they can call 1-844-269-1187, Monday through Friday, 9:00 a.m. to 4:00 p.m. Eastern Time.
We deeply regret any concern or inconvenience this may cause our patients or their families. To help prevent something like this from happening in the future, we have implemented stronger access controls including but not limited to 2-factor authentication, IP address whitelisting and masking patient names on internal e-mails and reporting.