Lexington Medical Center’ employee database was hacked last week, with up to 22,000 records affected.
The breach involved records of current and former employees dating to 1998, spokeswoman Jennifer Wilson said. The number of employees affected was not immediately available.
"Lexington Medical Center has dedicated significant resources to make sure our databases are as secure as possible,” said Tod Augsburger, Lexington Medical Center’s president and chief executive officer.
The database, known as eConnect/Peoplesoft, contains personally identifiable information including names, Social Security numbers and W-2 forms. No patient information was affected, Wilson said.
When Lexington Medical Center officials discovered the hack, they eliminated further unauthorized access, promptly began an investigation and engaged several national cybersecurity professionals to assist, Wilson said. They also contacted federal and state law enforcement officials.
In addition to offering current and former employees free credit monitoring and identity theft protection services, Lexington Medical Center is establishing a dedicated, confidential call center for identify theft professionals to help answer any questions or concerns, she said. The hospital has also provided information to employees on how they can help protect their identities and prevent fraudulent tax returns from being filed in their names.