NextGen, an electronic medical record system, launched an investigation after an unknown third party gained access to data of patients of Butler’s Advanced OB/GYN Associates between March 29 and April 14.

The data included the names, dates of birth, addresses and Social Security numbers of 1,533 Advanced OB patients treated before UPMC’s University of Pittsburgh Physicians Group acquired the practice in 2020, UPMC said Tuesday, June 27.

Neither UPMC nor UPP actively uses the NextGen Electronic Medical Record system. However, NextGen maintained historical medical records for archive purposes. UPMC said it was not directly involved in this incident.

NextGen said it took “measures to contain the incident, including resetting passwords and further reinforcing the security of its systems.” The company said there is no evidence that any medical or health information, records or data were affected in the breach.

The company notified all affected patients on April 28 and is offering 24 months of free identity monitoring, fraud consultation and identity theft restoration services through Experian’s IdentityWorks product.

Affected patients should enroll online at experianidworks.com/credit by Aug. 31. Patients should be prepared to provide the activation code received in the individual notice that was mailed to those affected on April 28 by NextGen.