HCA Healthcare, one of the largest healthcare companies in the US, announced on July 10God’ It was the target of a massive data breach.
The cyber attack affected 1,038 hospitals and doctors’ clinics in 20 countries. In total, 11 million patients in 20 states, including California, Florida, Georgia and Texas, had their personal data stolen. The incident is one of the largest health violations in history.
What kind of data was stolen?
The company discovered the data breach on July 5God’. So far, it seems the hackers have managed to infiltrate:
- Full names, date of birth and gender,
- Data regarding the city, state and zip code,
- Contact data, such as emails and phone numbers,
- Date of service, location and date of the patients next appointment.
The threat actor claimed to have 27.7 million records and has already put up for sale, on the Apple forum, almost a million records. Initially, the hacker tried to obtain a ransom from HCA Healthcare. Since the company did not respond to the blackmail, the malicious actor put the entire database up for sale. According to him, the stolen records were created between 2021 and 2023.
HCA Healthcare believes the list contains approximately 27 million rows of data that may include information for approximately 11 million HCA Healthcare patients, explains HCA Healthcare Data breach notification.
HCA says the data was stolen from an “external storage location” used to format patient emails.
How to prevent and mitigate data breaches
Threat actors can use leaked data to launch phishing and social engineering attacks. However, HCA Healthcare says the stolen data does not include information about conditions, diagnosis, credit card and bank account numbers, passwords or other particularly sensitive details.
The company notified law enforcement and the investigation is currently ongoing. In addition, the organization began to enforce additional security and information protection measures.
To prevent and reduce data breaches and data loss, cyber security experts recommend:
- Fix known vulnerabilities in a timely manner.
- Test and improve the security of your cloud storage.
- Use a DNS filtering solution to block any malicious communication, whether it’s internal or external. AI-powered filtering engines can predict with 96% accuracy whether a domain is malicious. The detection works even if the domain is not on the blacklist. This stops communication to the C2 servers and thus makes data extraction impossible.
If you liked this article, follow us LinkedIn, Twitter, Facebookand YouTubeFor more news and topics on cyber security.
Antivirus is no longer enough to maintain the security of the organization’s systems.
Heimdal® Threat Prevention – Endpoint
Is our next generation proactive DNS layer security that stops unknown threats before they reach your system.
- Machine learning-driven scans for all incoming online traffic;
- Stops data breaches before sensitive information can be exposed to the outside;
- Advanced DNS, HTTP and HTTPS filtering for all your endpoints;
- Protection against data leaks, APTs, ransomware and exploits;
