Unknown perpetrators have accessed sensitive health care data and personal information of more than 1 million hospital patients nationwide, including those treated at Indiana University Health.

One of IU Health’s vendors, Seattle-based MCG, has sent letters to patients informing them an “unauthorized party” accessed patients’ personal information including names, medical codes, postal addresses, telephone numbers, email addresses, dates of birth and Social Security numbers.

IU Health promised to freeze prices,then added fees to Bloomington patients’ bills

MCG said in the letters it is “coordinating with the FBI” and it regrets “any concern this issue may cause.”

Some Bloomington area residents told The Herald-Times they had received such letters. One reader said the letter was “disturbing.” Another worried the letter might be a scam.

Read more…