HCA Healthcare this week announced that the personal information of roughly 11 million patients was compromised in a data breach.
The organization discovered the security breach on July 5 when a threat actor claimed the hack on an underground forum.
As proof of the hack, the threat actors posted stolen info for some of the patients, including:
The info was exfiltrated from an external storage location that was exclusively used to automate the formatting of email messages.
The incident did not expose
HCA Healthcare launched an investigation into the security breach with the help of third-party forensic and threat intelligence advisors. The company also notified law enforcement and the investigation is still ongoing. At the time of this publishing, the company has yet to identify evidence of malicious activity on its networks or systems related to this incident.
“We do NOT believe that clinical information (such as treatment, diagnosis, or condition), payment information (such as credit card or account numbers), or other sensitive information (such as passwords, driver’s license or social security number) is involved.” states the company. “The investigation is ongoing and we cannot confirm the number of individuals whose information was impacted. HCA Healthcare believes that the list contains approximately 27 million rows of data that may include information for approximately 11 million HCA Healthcare patients.”
In response to the incident, HCA Healthcare disabled user access to the storage location.
“There has been no disruption to the care and services HCA Healthcare provides to patients and communities. This incident has not caused any disruption to the day-to-day operations of HCA Healthcare. Based on the information known at this time, the company does not believe the incident will materially impact its business, operations or financial results.” concludes the company.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)