CommonSpirit ransomware attack exposes the personal information of over 623,000 patients

Share post:

A ransomware attack in October accessed 623,774 patients’ patient information, according to Chicago-based CommonSpirit Health.

Beginning in early October, the cyberattack caused significant IT outages and consultation instabilities across the health system’s nationwide network of hospitals.

This figure was made public on the U.S. Department of Health breach portal, where healthcare organizations are required by law to report data breaches affecting more than 500 people.

According to CommonSpirit, someone obtained personal information from Franciscan Health and/or Franciscan Medical Group in Washington state. According to an investigation, hackers gained access to portions of CommonSpirit’s network between September 16, 2022 and October 3, 2022.

On December 1, 2022, the organization published the latest findings of its internal investigation into the security incident, admitting for the first time that the ransomware actors had accessed patient data.

Names, addresses, dates of birth, phone numbers, and unique internal IDs used only by CommonSpirit could have been among the information accessed. The health system stated that it has no evidence that any of the information was misused and has begun notifying those who have been affected.

The sources for this piece include an article in Bleepingcomputer.

SUBSCRIBE NOW

Related articles

Sleeper Supply Chain Attack Activates After 6 Years

A coordinated supply chain attack has compromised between 500 and 1,000 e-commerce websites by exploiting vulnerabilities in 21...

Russian-Controlled Open Source Tool Raises Alarms Over U.S. Cybersecurity

A widely used open-source Go library, easyjson, used in healthcare, finance and even defence has come under scrutiny...

Signal Archiving Tool Used By Trump Admin Is Breached, Raising Alarms Over Messaging Security (EDITORIAL)

(EDITORIAL) A messaging tool used by Trump administration officials to archive encrypted Signal messages has been hacked —...

Anthropic Warns: AI “Virtual Employees” Could Pose Security Risks Within a Year

Anthropic, a leading artificial intelligence company, anticipates that AI-powered virtual employees could begin operating within corporate networks as...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways