HCA Healthcare patient data stolen and for sale by hackers

personal information of tens of millions of HCA Healthcare Patients was stolen and is now available for sale on a data breach forum from earlier this week.

HCA, one of the largest in the United States, first I confess hack earlier today. In a statement, it warned patients that important personal information had been compromised, including their full name, city, and when and where they last saw a provider.

Shares of the healthcare giant closed more than 1.4% higher in Monday’s trading, unchanged after hours.

The provider claimed that no clinical information was disclosed.

But DataBreaches.net mentioned On Monday, the unnamed hacking group provided them with a sample set of data on a patient’s assessment of “low-risk” lung cancer, which would apparently undermine HCA’s assessment that no protected health material or information had been breached.

The breakthrough affects patients in nearly two dozen states, including patients at dozens of facilities in Florida and Texas. The data sale was reported on Twitter by Brett Callow, an analyst with New Zealand-based Emsisoft.

“This may be the largest healthcare-related abuse of the year, and one of the largest ever. However, despite affecting millions of people, it may not be as harmful as other abuses, based on HCA’s statement, it is not,” Kalow told CNBC. : “It appears to have affected diagnoses or other medical information.”

However, the hacker claimed to have “health diagnosis emails that match the customer ID,” Calo noted.

Patient data breaches are not uncommon, but they can vary in scope and impact. The HCA breach did not appear to include critical medical records, and the company said the breached data originated in an “external storage location used exclusively to automate the formatting of emails.”