UT Health East Texas Tyler Hospital is pictured. (Tyler Morning Telegraph File)

Some patients’ personal information was involved in a recent cybersecurity incident at UT Health Tyler.

Ardent Health Services, on behalf of UT Health Tyler, announced it is notifying certain individuals whose personal information was involved in a recent cybersecurity incident, UT Health East Texas said Tuesday in a press release.

On Nov. 23, Ardent discovered a ransomware incident impacting its network. Upon learning of the situation, Ardent immediately notified law enforcement, initiated its incident response plan, launched an investigation into the incident with the assistance of an outside cybersecurity firm, and began employing containment measures. Shortly after, Ardent successfully terminated the unauthorized access.

Recently, Ardent’s forensic investigation determined an unauthorized third party extracted copies of documents that include certain personal information.

“The unauthorized actor may have accessed, viewed, or removed documents with the following types of information: patient contact information (e.g., address, phone number, email address), Social Security numbers, medical treatment information (e.g., providers, dates of service, diagnoses, prescriptions), health insurance and claims information, and Medicaid / Medicare numbers. At this time, Ardent has no indication that this information has been misused,” the press release stated.

Ardent is a health care chain that operates 30 hospitals in six states.

Ardent has begun mailing letters to individuals whose information may have been involved. The data review process is ongoing and will take time to complete, and as Ardent identifies additional impacted individuals, it will mail letters to them in accordance with all applicable laws.

All individuals whose personal information was impacted are eligible to enroll in credit monitoring and fraud-protection services through TransUnion for one year at no cost.

Ardent has set up a dedicated, toll-free call center to support individuals with questions about the incident. Beginning on Tuesday, Jan. 23, the call center can be reached at 1-833-961-7634, Monday through Friday, between 7 a.m. and 7 p.m., excluding U.S. holidays.

“Ardent is taking additional steps to improve its cybersecurity protections and further enhance employee training. Ardent values the trust patients and team members place in it to protect the privacy and security of their information, and sincerely regrets any inconvenience or concern this incident may have caused,” the company stated.

More information is available at https://ardenthealth.com/data-privacy-incident/