DEVELOPING: HCA Healthcare patient data for sale on hacking forum?

Posted on by Dissent

A new user on a hacking forum has listed patient data from HCA Healthcare for sale.

“As of 2021, HCA Healthcare is ranked #62 on the Fortune 500 rankings of the largest United States corporations by total revenue.” the seller writes, adding

Data is grouped by division into 17 files totaling to 27,700,000 rows. More data is included in the sale.

HCA Healthcare have until the 10th to meet the demands.

The demands are not specified in the post.

The field headers in the sample are:

Encounter_Id|Person_DW_Id|EMPI_Text|MRec_dt|First_Name|Last_Name|City|State|Zip_Code|Phone|Decade|Email_Address|Date_of_Birth|Birthday_Month|Patient_Age_Months|Gender|Coid|Coid_Name|Division|Facility_DW_Id|Facility_Name|Next_Appt_Date|Next_Appt_Booked_Date|Tokenized_Campaign|Source_System_Name|MHO_Id

 

The Tennessee-headquartered healthcare provider did not reply immediately to an email asking them if they had experienced a breach and were aware that data allegedly from them was up for sale on a hacking forum.

This is a developing story that will be updated.

Update 1: The seller tells DataBreaches that they are also the hacker, and that they contacted HCA on July 4 to make contact. Whether HCA Healthcare responded is as yet unknown to DataBreaches.


Related:

Category: HackHealth DataU.S.