AUSTIN, Texas — Ascension Seton said it is investigating after a data breach involving the health care system’s legacy website that happened on March 1-2, 2023.
It said the website was managed by a third-party vendor, Vertex, who is reviewing how access to the information was obtained.
Ascension does not have details about the affected information but said demographic information such as name, address, email address, phone number, insurance information, Social Security number (or tax identification number) or other clinical information was affected if it was provided on the legacy websites, Seton.net and DellChildrens.net.
It’s not believed any information was removed from the affected systems or was misused or shared. Ascension networks and medical record systems were not affected.
Vertex has notified law enforcement about the breach, Ascension Seton said.
“We take the protection and safeguarding of information seriously and have taken steps to ensure this kind of incident does not happen again,” Ascension Seton said in a release. “We reviewed our processes for vendor-hosted websites and shut down the affected sites, creating new ones hosted by Ascension, as well as reviewed the type of information collected on these sites.”
Ascension said affected individuals have been notified, and complimentary credit and identity theft protection services have been provided for those who had Social Security numbers, credit card information and/or insurance numbers impacted.
The incident has been reported to the Office for Civil Rights in accordance with obligations under the HIPAA rules.
Anyone with any questions is asked to contact the assistance line at 866-547-1504.