HCA Healthcare Data Breach: 11 Million Patients Affected

In a recent disclosure, HCA Healthcare revealed a data breach that has impacted approximately 11 million patients who have received care at their hospitals and clinics. The breach occurred when a threat actor leaked samples of the stolen data on a hacking forum.

HCA Healthcare: A Leading Healthcare Provider

HCA Healthcare is a prominent healthcare facility owner and operator in the United States and the United Kingdom. With 182 hospitals and 2,200 care centers across 21 U.S. states and the UK, it is one of the largest healthcare providers in America.

Source: DataBreaches.net

According to DataBreaches.net, a threat actor started selling data claimed to belong to HCA Healthcare on a forum dedicated to selling and leaking stolen data on July 5th, 2023. The hacker posted samples of the stolen database, which allegedly contains 17 files and 27.7 million database records.

The threat actor stated that the stolen data consists of patient records created between 2021 and 2023.

Initially, the threat actor attempted to blackmail HCA Healthcare rather than offering the database for sale. They set a deadline of July 10th for HCA Healthcare to meet their undisclosed demands, which are most likely related to financial gain. However, when HCA Healthcare failed to respond, the hacker proceeded to sell the entire database. Other threat actors have shown interest in purchasing the data as well.

Yesterday, HCA Healthcare confirmed the authenticity of the leaked data on the hacking forum. The stolen database has affected approximately 11 million individuals.

According to an HCA Healthcare data breach notification, it is estimated that the list contains around 27 million rows of data, potentially belonging to 11 million HCA Healthcare patients.

HCA Healthcare reports that the data was stolen from an external storage location used for formatting patient email messages.

Despite the breach, HCA Healthcare assures that there has been no disruption to the care and services provided to patients and communities.

What Companies Were Affected in the MOVEIt Breach and the HCA Data Breach?

Million people’s data exposed in moveit breach: The MOVEIt breach left numerous companies vulnerable to data exposure. Among the affected, global consulting firm Accenture confirmed a portion of their data was compromised, while Singtel, a major telecommunications company in Singapore, was also impacted. Additionally, the HCA data breach affected healthcare systems, such as Universal Health Services, exposing sensitive information of millions of individuals. These incidents highlight the need for stringent cybersecurity measures to safeguard sensitive data and protect both companies and individuals from potential harm.

Data Exposed in the Breach

The stolen data includes the following information:

• Full names
• City, state, and ZIP code
• Email address
• Telephone number
• Date of birth
• Gender
• Service date and location
• Next appointment date

Threat actors who obtain this data can use it for phishing attacks and scams, enabling them to launch convincing social engineering attacks against the affected individuals.

HCA Healthcare believes that the stolen data does not contain detailed clinical information, payment information such as credit card and bank account numbers, or other sensitive information like passwords, social security numbers, and driver’s licenses.

The organization has promptly informed law enforcement agencies about the incident and is conducting an investigation to ensure that their networks and systems are free from any malicious activity that may indicate ongoing unauthorized access.

As an urgent containment measure, access to the breached storage location has been disabled. HCA Healthcare is also working on implementing additional security and data protection measures.

For a comprehensive list of the impacted facilities across the country, please refer to HCA Healthcare’s announcement.