The data of 3.7 million people may have been compromised in a cyberattack discovered July 13 on a Phoenix-based healthcare system.

Banner Health released a statement acknowledging that an unauthorized person accessed information stored on a limited number of its servers and took steps to mitigate the hack, reports Healthcare IT News.

“We immediately launched an investigation, hired a leading forensics firm, took steps to block the cyber attackers, and contacted law enforcement. The investigation revealed that the attack was initiated on June 17, 2016,” Banner’s statement read.

The healthcare system also mailed a letter to individuals who may have been affected and set up a call center to handle questions.

Banner has already begun the process of improving the security of its networks to prevent similar attacks in the future.

RELATED: Miss. Medical Center Fined $2.75M for HIPAA Violation

The hackers allegedly entered the network through payment processing systems for food and beverage purchases.

The information accessed may have included names, birth dates, social security numbers, addresses, dates of service, claims information and current and former employee health insurance information.

One cybersecurity expert, Mansur Hasib of the University of Maryland, said the security breach is a perfect example of the importance of having systems in place that alert officials if troves of data are being sucked into one account.

Other experts say the cyberattack is similar to the one on Target, which went through a third-party HVAC vendor.

Read Next: Here’s How 7 Institutions Dealt with Recent Ransomware Attacks

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content