At least 11 million potentially compromised in HCA hack

by John R. Fischer, Senior Reporter | July 18, 2023
Cyber Security Health IT
The information of at least 11 million people in a data breach at HCA Healthcare facilities.
In what is one of the biggest healthcare breaches in history, at least 11 million patients across the U.S. who sought care at an HCA Healthcare facility may have had potentially sensitive information hacked.

The attacker breached an external storage location for automating the format of email messages on July 5, accessing 27 million rows of data that contained patient names, cities, states, zip codes, email addresses, telephone numbers, dates of birth, gender, patient service dates, locations, and next appointment dates.

The attack affects patients in 20 states, including California, Florida, Georgia, and Texas, reported CBS News.

HCA says that the attackers did not steal information on patients' treatment or diagnosis, payment information, passwords, driver's license numbers, or social security numbers.

But, which first " target="blank">reported the incident, says that it has been in contact with the hacker who told it that they originally gave HCA until July 10 to pay an unspecified ransom, and that they “have emails with health diagnosis that correspond to a clientID.” While they did not provide specific evidence of this, they did send a sample of code that said, "Following up about your lung cancer assessment,” wrote

"The company disabled user access to the storage location as an immediate containment measure and plans to contact any impacted patients to provide additional information and support, in accordance with its legal and regulatory obligations, and will offer credit monitoring and identity protection services, where appropriate," said HCA in a statement.

The healthcare provider, which is based in Nashville, runs 180 hospitals and approximately 2,300 ambulatory care locations in 20 states and the U.K. It is warning patients not to pay any invoices or bills without calling it to verify if the claims are legitimate.

The attack, it says, has not disrupted day-to-day operations, and it does not expect it to affect its business or finances. It has not identified any “malicious activity on HCA Healthcare networks or systems related to this incident,” but has contacted law enforcement, as well as third-party forensic and threat intelligence advisors to investigate the incident.

The data is now up for sale, according to

Back to HCB News

You Must Be Logged In To Post A Comment