11M HCA Healthcare Patients Impacted by Data Breach

The hackers posted up for sale stolen HCA Healthcare data on Dark Web forum.

HCA Healthcare, operator of a massive hospital and healthcare services network in the US and UK that serves 35 million medical consumers per year, has announced that it was compromised, leading to the theft of personal data on more than 11 million of its patients.
News of the breach first broke on July 5, when reports emerged of
stolen HCA Healthcare data
being offered up for sale on a Dark Web hacker forum.
Data is grouped by division into 17 files totaling to 27,700,000 rows. More data is included in the sale, the threat actors explained on the site, according to reports. HCA Healthcare have until the 10th to meet the demands.
The post didnt include any specific
ransom demands
, a DataBreaches.net report added. On July 10, HCA Healthcare
announced the cyberattack
.
HCA Healthcare acknowledged that
patient data
, including names, contact information, dates of birth, appointment details, and more were stolen in the cyberattack. Compromised data did not include any financial information like medical diagnoses or treatments, credit card numbers, passwords, or social security numbers, HCA Healthcare added.
HCA said its investigations are ongoing, and theres no word on who the perpetrators are.
This appears to be a theft from an external storage location exclusively used to automate the formatting of email messages, HCA said in its
announcement of the data breach
. There has been no disruption to the care and services HCA Healthcare provides to patients and communities.
Although Avishai Avivi, CISO at SafeBreach acknowledges the compromise is significant, he explained in a statement provided to Dark Reading, the fact that none of the leaked data included protected health information (PHI) is a positive outcome for HCA Healthcare.
Even though the information elements that were included can be used by malicious actors to craft better phishing campaigns, the information is not much different than the paper phone books we used to get for free in the mail, Avivi explained. It is actually a good indicator, considering the target — HCA, that the organization was practicing good cyber hygiene and was limiting the data elements that were shared externally.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
11M HCA Healthcare Patients Impacted by Data Breach