rivate healthcare operator HCA Healthcare revealed it has suffered a major data breach which has left approximately 11 million patients’ data compromised as a result of the attack, becoming the latest victim to the on going cyber threat.
The information was posted on an online forum “by an unknown and unauthorized party” and the estimated 27 million rows of data included information such as patient names, city, email, telephone number, date of birth, gender, in addition to patient service dates, location and next appointment dates.
HCA Health, which has 180 hospitals over 2300 sites in the US and UK, confirmed that there was no clinical information posted on the forum, such as treatment, diagnosis or condition nor were there payment information or sensitive information, such as passwords.
There has been no disruption to day-to-day operations however any patient that has received services from HCA could be affected by the leak and the incident has been reported to law enforcement as an investigation is underway.
Achi Lewis, Area VP EMEA for Absolute Software, commented:
“The volume of cyber-attacks will continue to remain high and each time, they act as a reminder that cyber security and cyber resiliency must remain a priority for organisations. Data plays a pivotal role in many businesses, and it is more important than ever that organisations reevaluate their cyber posture to ensure they are on the front foot, including cyber protections to protect against attacks, as well as measures to ensure resiliency to respond to attacks and secure systems and devices.”
“Attacks can cost organisations huge reputational and financial loss and while implementing protection methods is a great first step, this is only part of the way there to effectively protect an organisation. Being vigilant that an attack could occur at any moment should be the approach all businesses take to effectively prepare, including new technologies such as self-healing tech that can lock devices if they become vulnerable, automatically update core systems, and ensure devices are back online as quickly as possible. Attacks can cause havoc for businesses which can continue for weeks and even months meaning proper cyber protections should be high on the agenda for all businesses.”
