HCA Healthcare has revealed that it has suffered a massive data breach affecting approximately 11 million patients.
The private health care operator said the information was posted to an online forum “by an unknown and unauthorized person” and discovered on July 5, 2023.
Approximately 27 million rows of data include patient visit dates, locations, next appointment dates, and personal information such as patient name, city, state, zip code, email, phone number, date of birth, and gender. was included.
Read more: ENISA: Ransomware Makes Up More Than Half of Healthcare Cyber Threats
The HCA emphasized that no clinical information such as treatments, diagnoses or conditions were posted on the forum. Payment information such as credit card numbers and account numbers. Or sensitive information such as passwords, driver’s licenses, social security numbers.
In addition, HCA Healthcare’s daily operations will not be disrupted.
The company, which operates 180 hospitals and more than 2,300 facilities in 20 US states and the UK, said patients served at HCA-affiliated hospitals and clinics in the US could be affected by the data breach. .
HCA patients are advised to be careful when identifying social engineering scams through phone calls, emails and SMS texts.
The health care provider said it reported the incident to law enforcement and is working with third-party forensic and threat intelligence advisers to investigate what happened. It added, “We have not seen any evidence of malicious activity on HCA Healthcare’s networks or systems related to this incident.”
supply chain attack
The breach appears to be the result of a third-party breach, and HCA has revealed that data was stolen from an external repository of an unnamed software system used to automate the formatting of email messages. .
Norminet government cybersecurity expert Steve Forbes said the first details of the breach had similarities to the breach of systems at business process outsourcing giant Capita, which handles NHS data.
He commented: “Healthcare providers should closely monitor their supply chains, as well as their own cybersecurity posture, to ensure that the providers they handle data are taking appropriate steps to prevent breaches of their organization’s data. Too often, services are implemented with cybersecurity ticked in procurement documents, rather than spending time thoroughly understanding how they are kept secure.”
