FREESTONE COUNTY, Texas St. Joseph Hospital is in the process of notifying more than 400,000 of its past and present patients about a major cyber attack from China that put patient information at risk.
Mary Vaughn of Buffalo says she's already seen her identity stolen.
She's frustrated the hospital didn't tell her sooner.
"This file right here has been my life for the last month," she said.
45-year-old Mary Vaughn who lives outside of Buffalo in Freestone County is trying to fix what identity thieves did to her.
"In January someone used my Social Security Number and applied for credit cards with major companies and I was notified of the problem with my credit report," said Vaughn.
What she didn't know until Tuesday was she was one of the more than 400,000 people to have had their personal information hacked from a server at St. Joseph Regional Health System in Bryan back in December.
IP addresses originated from China and elsewhere.
She'd been a patient seven years ago and the thieves used the last name she had then.
That's why she thinks the identity theft is connected to the security breach at St. Joseph.
"You work hard all your life to get your credit where it's at and I mean it's part of who you are," she said.
While Mary Vaughn is grateful for all the help she's getting now she still doesn't understand why it took nearly two months for her to get her letter from St. Joseph, telling her about the problem.
Tim Ottinger is a spokesperson for St. Joseph Regional Health Center and says it took forensic experts weeks to figure out what was hacked and also find contact information.
Some records dated back ten years.
"We understand that people are concerned that it took a little while but we worked very hard every single day to get what we needed out there as quickly as we could," he said.
Vaughn has been in contact with St. Joseph, filed a police report with the Freestone County Sheriff's Office and says she tracked down the person who tried to open up the accounts to an apartment complex in Houston.
"Everything that happened to me was mid-January and I think if they happened more rapidly I'm not saying it wouldn't have happened, but I would have known where this was coming from," she said.
So far St. Joseph officials say there's no official confirmation the breach has resulted in any identity thefts.
If you've been notified by the St. Joseph Health System or are worried your information was compromised by the security breach, you can call the St. Joseph hotline at (855) 731-6011.
It's open every day from 8 A.M. to 8 P.M. except Sunday.
St. Joseph is also offering free identity protection for a year for all the people being notified.
Tim Ottinger with St. Joseph Health System also made the following statement regarding Mary Vaughn's case:
"We are very sorry to hear about Ms. Vaughn's experience. While there is no reason to believe her experience was related to our data security incident, we want to remind everyone who received a letter from us that they have automatically been enrolled in free ID protection for a year. We would also encourage anyone who received our letter to call our call center at (855) 731-6011 and enroll in triple credit bureau protection," Ottinger said.