Up to four million US patients have had their personal data compromised in an apparent burglary.
The breach occurred on 15 July when four computers were taken from Advocate Medical Group (AMG).
Compromised data included patient names, Social Security numbers, dates of birth and addresses, as well as “limited clinical information,” such as the names of physicians who treated individuals, diagnoses, medical record numbers, health insurance records and medical service codes, a statement said.
The desktop computers did not contain full medical records or financial information of patients, but the data that was compromised was unencrypted, according to a website set up for impacted patients.
The computers were taken from an administrative building and were password-protected.
It was not thought that the machines were targeted for the information they contained.
Following the burglary, AMG added 24-7 security at the breached location and was determining which of its other facilities require similar surveillance.
AMG had more than 1000 physicians and specialists at around 200 practices throughout Chicago and McLean County, Illinois.
The medical group offered patients free credit monitoring services, and began notifying individuals by letter.
US police have yet to find the stolen computers and were still investigating the incident.