MORGANTOWN, W.Va. — Mon Health System officials are notifying patients about a data breach that could have exposed some patient information.
According to officials, Mon General Hospital in Morgantown and Stonewall Jackson Memorial Hospital in Weston were targeted in the phishing attack.
Investigators believe a third party gained access to a Mon Health contractor’s email account and attempted to access funds from the hospital through fraudulent wire transfers.
Officials said the incident may affect emails sent between May 10, and Aug. 15, 2021. The following information may have exposed:
Medical record number
Date of birth
Patient account number
Health insurance plan member ID number
Dates of service
Medical and clinical treatment information
Status as a current or former Mon Health patient
The investigation revealed the attack did not involve Mon Health’s electronic health records systems and did not disrupt the service or operations of Mon Health or its affiliates.
Officials said security protocols and practices have been enhanced, including adding multi-factor authentication for remote email access.