CHICAGO (WLS) -- Officials at Rush University Medical Center said Monday a vendor shared a file containing patient information with an unauthorized third party.
Rush said that it learned of the data breach on January 22, 2019.
The hospital said the information included, addresses, dates of birth, social security numbers and insurance information. The information did not include medical history, treatment, diagnosis or personal financial information.
Rush said it has contacted all of the patients involved. The hospital is offering them 12 months of free identity protection service and set up a toll-free dedicated call center to answer any questions.
"Rush takes this matter very seriously and is committed to protecting patients' personal information. Rush has launched an internal investigation and has suspended the contract with the claims processing vendor," the hospital said in a statement.
For more information, visit rush.edu.