Zoll Medical reported that the personal information of 277,319 patients was exposed during a recent server migration.
The medical-device and software maker said in a release on Monday that a third-party service archives Zoll's e-mails. Some personal information was included in the e-mail communications the third-party provider stores.
During a recent server migration, some of the data from those e-mails was exposed. Zoll believes the incident occurred between Nov. 8 and Dec. 28, 2018. The company refused to comment on whether the exposure was inadvertent or the result of a hack.
"At this point, Zoll is not aware of any fraud or identity theft to any individual as a result of this exposure," the company said in a release. "The vendor has since confirmed that all information has now been secured."
Zoll said patient names, addresses, dates of birth and limited medical information could have been among the data exposed as a result of the breach.
A small number of patients also had their Social Security numbers exposed.
This is the first data breach that Zoll has reported to HHS' Office for Civil Rights in the past two years, according to HHS' data breaches portal.
Zoll's breach continues a trend of major data breaches so far in 2019. Last month, data breaches compromised the information for more than 2 million patients, according to data from the Office for Civil Rights. That figure is well above the 309,664 people affected by breaches in February 2018.
Data breaches have become a major concern for healthcare providers and companies. A study published in JAMA last year found that health data breaches rose each year from 2010 to 2017.
HHS' Office for Civil Rights also issued a record-breaking $28.7 million in fines in 2018 to companies for poor responses to data breaches.