The personal information for almost 4,300 patients at Mass General was exposed when a hospital vendor’s database was hacked earlier this year.
The hospital said in a statement it learned of the third-party vendor’s data breach, which included access to patient Social Security numbers and birthdays, in early February. Law enforcement investigators required patient and public notification of the incident be delayed while the investigation was conducted, according to the hospital.
“This incident did not involve any unauthorized access to any of MGH’s systems or to any files maintained by MGH,” the hospital said.
With permission of investigators, the hospital said it began notifying patients on May 26, mailing letters to affected individuals on June 29.
Following the hack, Mass General said the third-party vendor, Patterson DEntal Supply Inc., enhanced security of its systems. The vendor manages dental practice information for the hospital.
“We regret any inconvenience caused by this incident,” the hospital said.