A data breach at a local hospital network caused more than 500 patients’ personal information to be leaked.

Northeast Rehabilitation Hospital Network, 70 Butler St., announced on its website that between May 13 and May 22, there was unauthorized access to the company’s network and files containing sensitive information may have been accessed.

Information was accessed from Neuro Rehab Associates Inc., a subsidiary founded in 1983, according to the data breach portal for the U.S. Department of Health and Human Services’ Office for Civil Rights.

The breach was reported to the Department of Health and Human Services on July 17.

Despite claiming it was an instance of unauthorized access, the department categorized the breach as a hacking and IT incident and noted the information was found on network servers.

NRHN said it is investigating the breach’s severity and will only notify people who have been affected and that it reported the incident to a federal law enforcement agency.

NRHN has four inpatient hospitals in New Hampshire and more than 25 outpatient rehabilitation clinics across Massachusetts and New Hampshire.

The company said while it is still investigating the breach’s extent, the information that could have been stolen includes patients’ names, contact information, dates of birth, Social Security numbers, driver’s license and ID numbers, financial account information, diagnoses, treatments and health insurance information.

NRHN has asked for patients to remain vigilant and, if they believe they are a victim of this breach, to contact it by email at NRHNCyberInfo@northeastrehab.com.

— KATELYN SAHAGIAN/EAGLE-TRIBUNE