Partners says in November it learned a group of its workers received phishing e-mails and provided information in response. Phishing emails trick their targets into handing over passwords or clicking on links that install malicious programs.
Partners says some e-mails contained patient information including names, addresses, dates of birth, telephone numbers and Social Security numbers and clinical information such as diagnoses, treatments received and insurance information.
Partners said Thursday it contacted law enforcement and has taken steps to secure email accounts. It says it has no evidence any patient information has been misused.
The breach involved patients at Massachusetts General Hospital, Brigham and Women's Hospital and several other hospitals affiliated with Partners.