Roper St. Francis Healthcare notifies patients of phishing incident

Roper St. Francis Healthcare has been approved to begin treating COVID-19 patients with a drug...
Roper St. Francis Healthcare has been approved to begin treating COVID-19 patients with a drug typically used to fight cancer, making the hospital the only one in the state in the study.(Live 5 News)
Published: Jan. 8, 2021 at 12:45 PM EST
Email This Link
Share on Pinterest
Share on LinkedIn

CHARLESTON, S.C. (WCSC) - Roper St. Francis Healthcare says they are mailing letters to patients whose information may have been stolen.

RSFH says they were involved in a recent incident involving unauthorized access to a limited number of employees’ email accounts.

The healthcare provider learned that an unauthorized individual gained access to three employees’ email accounts between Oct. 14 and Oct. 29 of 2020.

RSFH says they immediately took steps to secure the email accounts, began an internal review, and engaged a forensic security firm to conduct a thorough investigation.

“On Dec. 18, the investigation determined that patients’ information, which may have included names, dates of birth, medical records or patient account numbers, and/or limited clinical or treatment information, such as dates of service, locations of service, providers’ names, or billing information, may have been accessed or viewed by the unauthorized individual,” RSFH said in a statement.

In a limited number of instances, RSFH says patients’ health insurance information and/or Social Security numbers also were identified in the accounts.

This incident did not affect all RSFH patients, but only those whose information was included in the employees’ email accounts involved in this incident.

RSFH says they have established a dedicated, toll-free call center to answer questions that individuals may have about the incident. Organizers say patients with questions can call 888-498-0916, Monday through Friday, from 9 a.m. to 6:30 p.m. Eastern Standard Time.

For the patients whose Social Security numbers were identified in the emails or attachments, RSFH says they are offering complimentary credit monitoring and identity protection services.

While RSFH says they have no indication that any of the information has been misused, out of an abundance of caution, RSFH also recommends that affected patients review statements they receive from their health insurers or healthcare providers.

If patients see services not received, RSFH says they should contact their insurer or provider immediately.

To help prevent this from happening again, RSFH says they are enhancing their email security and providing continued education to staff on email protection.

Additional information is posted on the RSFH website.

Copyright 2021 WCSC. All rights reserved.