Two major healthcare networks have disclosed data breaches that exposed sensitive information of over 1.5 million patients, highlighting ongoing cybersecurity challenges in the healthcare sector.
Connecticut's Community Health Center Inc. reported that 1,060,936 current and former patients were impacted by a cyberattack discovered on January 2. The breach exposed sensitive health records including names, addresses, phone numbers, diagnoses, treatment details, test results, health insurance information, and Social Security numbers.
The organization indicated they detected and stopped the unauthorized access within hours. While the hacker did not delete or lock any data, they managed to extract substantial amounts of protected health information. Affected individuals will receive two years of identity protection services and access to a $1 million insurance reimbursement policy.
In a separate incident, NorthBay Healthcare in California reported a breach affecting 569,012 people. The nonprofit healthcare system, which operates two hospitals and multiple medical facilities in northern California, experienced unauthorized system access between January 11 and April 1 last year.
The NorthBay breach exposed highly sensitive data including Social Security numbers, passport details, financial records, medical information, and complete credit/debit card details with security codes. The Embargo ransomware group claimed responsibility for the attack, which disrupted hospital operations and led to canceled appointments.
NorthBay Healthcare is offering impacted individuals one year of identity protection services. Both healthcare organizations have implemented additional security measures following these incidents.
These breaches underscore the healthcare sector's vulnerability to cyber threats and the massive scale of potential data exposure when security defenses are compromised.