Barrio Family Health Care Center staff said the breached resulted from unauthorized access to employee emails.
SAN ANTONIO — Nearly 20,000 patients at a San Antonio-based health care clinic potentially had their names and medical information exposed as part of a “cybersecurity incident,” according to a message communicated to those patients from staff.
The Barrio Comprehensive Family Health Care Center, headquartered at 431 Wolfe Road near the airport, reported the data breach to the Texas Attorney General’s Office on March 9. The clinic noted that up to 19,885 individuals may have been impacted by the breach, which was discovered on Sept. 16 of last year when staff flagged “suspicious activity potentially related to an employee email account.”
After securing its network and investigating, the care center found that there was unauthorized access to some of the employee’s emails.
“As a result, together with third-party specialists, we began a comprehensive and time-consuming review of the impacted emails to determine the type of information contained therein and to whom that information related,” Barrio staff told patients in the message dated March 6.
That review reached the finish line on Feb. 19. Barrio concluded that birth dates, patient account numbers, provider locations, provider names and clinical information may have been exposed.
The clinic emphasized that there was “no evidence” the information was misused. But out of precaution, it walked patients through the steps for them to take advantage of free credit-monitoring services, should they so choose.
Any patients with additional concerns or questions was encouraged to call the clinic at 1-833-289-5065 or mail staff at 431 Wolfe Road, San Antonio, TX 78216.
“We take the privacy and security of the information entrusted to us very seriously, and sincerely regret any worry or inconvenience this incident may have caused,” the clinic’s message stated.