History
2023: Data breach of 11m patients
On July 10, 2023, one of the largest hospital networks in the United States, HCA Healthcare, reported a hacker invasion. As a result of the attack, the personal data of approximately 11 million patients was leaked.
Data theft in medical institutions is considered one of the most serious, since attackers may have the most important information about a person at their disposal. In the case of the attack on HCA Healthcare, the external storage was leaked, which was only used to automate email messages, it said. The company said that law enforcement agencies and relevant structures have been informed about the incident. At the same time, it is emphasized that the daily work of the information infrastructure has not suffered.
It is said that cybercriminals were able to steal data containing a total of approximately 27 million lines. These are the names of patients, their cities of residence and postcode, email addresses and phone numbers, dates of birth, gender, dates of patient care, place and time of the next appointment.
At the same time, it is emphasized that the attackers could not steal such important data as clinical information - the prescribed treatment, diagnosis or condition of patients. In addition, hackers failed to gain access to payment information - credit card numbers and customer accounts of a medical organization. Confidential information such as passwords, driver's licenses or Social Security numbers were also not affected.
HCA Healthcare reported the event to law enforcement and hired outside forensic and threat analysis consultants. While our investigation continues, the company found no evidence of any malicious activity on HCA Healthcare networks or systems related to this incident, the official statement said.[1] |