On February 14, 2024, Lexington Medical Center filed a notice of data breach with the Attorney General of Vermont after discovering that an unauthorized actor was able to access an employee’s email account. In this notice, Lexington Medical Center explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, dates of birth, medical record numbers, health insurance identification numbers, patient charge descriptor information, and billing codes. Upon completing its investigation, Lexington Medical Center began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Lexington Medical Center, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Lexington Medical Center data breach. For more information, please see our recent piece on the topic here.

What Caused the Lexington Medical Center Data Breach?

The Lexington Medical Center data breach was only recently announced, and more information is expected in the near future. However, Lexington Medical Center’s filing with the Attorney General of Vermont provides some important information on what led up to the breach. Lexington Medical Center also posted a website notice discussing the incident.

According to this source, Lexington Medical Center recently learned that, on October 4, 2023, an unauthorized party gained access to an employee’s email account. In response, Lexington Medical Center contained the incident and launched an investigation.

Ultimately, the Lexington Medical Center investigation confirmed that an unauthorized party accessed the employee email account. On January 18, 2024, after conducting further investigation, Lexington Medical Center learned that certain patient information was accessible through the breached email account.

After learning that sensitive consumer data was accessible to an unauthorized party, Lexington Medical Center reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, date of birth, medical record number, health insurance identification number, patient charge descriptor information, and billing codes.

On February 14, 2024, Lexington Medical Center sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About Lexington Medical Center

Founded in 1971, Lexington Medical Center is a healthcare network based out of Columbia, South Carolina. Lexington Medical Center is a 607-bed teaching hospital as well as the anchor of a healthcare network that includes five medical centers. Lexington Medical Center’s emergency departments treat approximately 100,000 patients each year, and its hospital performs 25,000 surgeries annually. Lexington Medical Center employs more than 7,800 people and generates approximately $1.1 billion in annual revenue