An organization that provides mental health services across the state wants to let everyone know about a recent privacy issue. The Region Ten Community Services Board is letting people know about an email hack that happened in July.
Region Ten said in a release to NBC29 Friday that it is unlikely any protected health information has been accessed or used by a hacker.
On July 29, a hacker got passwords to several email accounts of Region Ten Community Services Board employees. The group was informed about the incident the next day.
Region Ten says once it found out, it closed access to all employee email accounts and made everyone change their passwords. Additional email security measures were also put in place and some administrative policies were changed.
Region Ten wants their consumers to remain vigilant by monitoring their account statements.
An investigation of the incident was also launched with IT consultants to get more information about the hack. That review is ongoing.
Region Ten Press Release
Region Ten Community Services Board takes the privacy of its consumers very seriously. Although we believe that it is unlikely that any protected health information has been accessed or used by unauthorized individuals, we are notifying our consumers of a recent privacy issue as part of our commitment to consumer privacy
On July 29, 2013, a hacker obtained the passwords to several Region Ten Community Services Board employees' email accounts. It is unknown what, if any, protected health information was contained in the email accounts involved, and Region Ten is not aware that any protected health information was accessed or used by unauthorized individuals.
Region Ten became aware of this incident on July 30, 2013. We immediately responded by closing access to all employee email accounts and requiring all employees to change their email passwords. We also initiated an investigation in conjunction with our information technology consultants in order to gather more information about the incident. The investigation is ongoing.
In order to reduce or eliminate the potential harm to our consumers resulting from this incident, and to prevent an incident like this from happening in the future, we have implemented additional email security measures, provided additional training to our employees regarding email security, and revised several of our administrative policies and procedures.
Although Region Ten is not aware of any misuse of protected health information, we recommend that our consumers remain vigilant, continue to monitor their health-related and financial account statements, and contact law enforcement if they find suspicious activity.
Region Ten is dedicated to protecting the privacy of its consumers, and we will continue to do everything we can to correct this situation and strengthen our privacy and security measures. Consumers may contact us with questions and concerns by calling our toll-free number, (855) 570-7752, between the hours of 9:00 a.m. and 5:00 p.m., Monday through Friday.