HCA Healthcare Admits Massive Data Breach

Eleven million Americans in twenty states, whose only desire was to take care of their health, have now had their data leaked by the facility they trusted with that data; their hospital.

HCA (Hospital Corporation of America) announced that on July 5th, they learned of a data breach. On July 10th, HCA made the public announcement of the “data security incident”, and since then millions of HCA patients have been receiving emails informing them in a very businesslike way, that their personal data is now likely on the dark web, being traded about like cigarettes in prison (but we don’t actually KNOW that part – Ed.).

According to HCA (one of the United States’ largest healthcare providers) the theft occurred from an “external storage location”. The stolen data includes, full names, full physical and email addresses, phone numbers, date of birth, gender, service locations and dates, and next appointment date. Hey, at least they didn’t get any HIPAA protected health information – or at least HCA at this time believes the theft did not include any clinical information.

Since the announcement and emails, HCA Healthcare has had at least four class action lawsuits filed against them. This may be little condolence to those realizing that Kim Jong Un is reading all about their erectile dysfunction for laughs over his breakfast cereal. All jokes aside, this information can pose a major risk to patients whose demographics makes them prime targets for phishing and phone scams.

A more in depth exploration can be read at Bleeping Computer, and many other national news outlets have some coverage as well.