CommonSpirit ransomware attack exposes the personal information of over 623,000 patients

Share post:

A ransomware attack in October accessed 623,774 patients’ patient information, according to Chicago-based CommonSpirit Health.

Beginning in early October, the cyberattack caused significant IT outages and consultation instabilities across the health system’s nationwide network of hospitals.

This figure was made public on the U.S. Department of Health breach portal, where healthcare organizations are required by law to report data breaches affecting more than 500 people.

According to CommonSpirit, someone obtained personal information from Franciscan Health and/or Franciscan Medical Group in Washington state. According to an investigation, hackers gained access to portions of CommonSpirit’s network between September 16, 2022 and October 3, 2022.

On December 1, 2022, the organization published the latest findings of its internal investigation into the security incident, admitting for the first time that the ransomware actors had accessed patient data.

Names, addresses, dates of birth, phone numbers, and unique internal IDs used only by CommonSpirit could have been among the information accessed. The health system stated that it has no evidence that any of the information was misused and has begun notifying those who have been affected.

The sources for this piece include an article in Bleepingcomputer.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways