Data for Potentially Tens of Millions of HCA Healthcare Patients for Sale on Breach Forum
Barts Health NHS Trust added to ALPHV site, EU-US Data Privacy Framework approved, MA nears location data use ban, CA water facility contractor charged in hacking incident, much more
Metacurity is a reader-supported publication, and I need your help. Consider becoming a paid subscriber to receive new posts and support my work.
Personal information for potentially tens of millions of HCA Healthcare patients has been stolen and is now available for sale on a data breach forum as of earlier this week.
The provider claimed no clinical information had been disclosed, but a sample data set provided by the unnamed hacking group about a patient’s “low risk” lung cancer assessment would undercut HCA’s assessment that no material or protected health information was breached.
The hack affects patients in nearly two dozen states, including patients at dozens of facilities in Florida and Texas. The data sale was flagged on Twitter by Brett Callow of Emsisoft.
“This may be one of the biggest healthcare-related breaches of the year and one of the biggest of all time. That said, despite affecting millions of people, it may not be as harmful as ot…