A data breach at Vancouver, Wash.-based Rebound Orthopedics & Neurosurgery may have revealed the personal information of 2,800 employees and patients, The Columbian reports.
Here are seven things to know:
1. On May 22, an unknown individual gained access to an employee's email account. Rebound notified its information technology department, which prevented further unauthorized access.
2. On Aug. 8, the practice's investigation discovered that personal patient information, including names, date of births, Social Security numbers, driver's license numbers, financial account information and limited health information, may have been disclosed.
3. No medical records appeared to have been accessed during the breach.
4. The practice mailed letters to individuals who were potentially impacted by the breach, including steps to monitor and protect personal information. Rebound also created a tollfree call center to answer questions about the incident and is offering free identity theft protection and credit monitoring services through Kroll to people who may have been affected.
5. According to John Bauman, Rebound's executive director, a Rebound employee received a phishing email from a contractor whose cybersecurity was breached. The employee opened the email and an attachment that unleashed malware.
6. Computer forensic consultants detected three attempts to break into Rebound data, including two from U.S. locations and one from outside the country.
7. The practice operates seven primary clinics. Clinicians serve as team physicians for the Portland Trail Blazers and the Portland Winterhawks.