US Health System Notifies 882,000 Patients of August 2023 Breach 5
An anonymous reader quotes a report from BleepingComputer: Hospital Sisters Health System notified over 882,000 patients that an August 2023 cyberattack led to a data breach that exposed their personal and health information. Established in 1875, HSHS works with over 2,200 physicians and has around 12,000 employees. It also operates a network of physician practices and 15 local hospitals across Illinois and Wisconsin, including two children's hospitals. The non-profit healthcare system said in data breach notifications sent to those impacted that the incident was discovered on August 27, 2023, after detecting that the attacker had gained access to HSHS' network.
After the security breach, its systems were also impacted by a widespread outage that took down "virtually all operating systems" and phone systems across Illinois and Wisconsin hospitals. HSHS also hired external security experts to investigate the attack, assess its impact, and help its IT team restore affected systems. [...] While the incident and the resulting outage have all the signs of a ransomware attack, no ransomware operation has claimed the breach. Following the forensic investigation, HSHS found that the attackers had accessed files on compromised systems between August 16 and August 27, 2023.
The information accessed by the threat actors while inside HSHS' systems varies for each impacted individual, and it includes a combination of name, address, date of birth, medical record number, limited treatment information, health insurance information, Social Security number, and/or driver's license number. While HSHS added that there is no evidence that the victims' information has been used in fraud or identity theft attempts, it warned affected individuals to monitor their account statements and credit reports for suspicious activity. The health system also offers those affected by the breach one year of free Equifax credit monitoring.
After the security breach, its systems were also impacted by a widespread outage that took down "virtually all operating systems" and phone systems across Illinois and Wisconsin hospitals. HSHS also hired external security experts to investigate the attack, assess its impact, and help its IT team restore affected systems. [...] While the incident and the resulting outage have all the signs of a ransomware attack, no ransomware operation has claimed the breach. Following the forensic investigation, HSHS found that the attackers had accessed files on compromised systems between August 16 and August 27, 2023.
The information accessed by the threat actors while inside HSHS' systems varies for each impacted individual, and it includes a combination of name, address, date of birth, medical record number, limited treatment information, health insurance information, Social Security number, and/or driver's license number. While HSHS added that there is no evidence that the victims' information has been used in fraud or identity theft attempts, it warned affected individuals to monitor their account statements and credit reports for suspicious activity. The health system also offers those affected by the breach one year of free Equifax credit monitoring.
The article (Score:1)
In perspective (Score:1)
Leon just got into every American's tax records. Nobody is rioting in the streets over it, so no big deal, right? Hell, we should start having "Data breach Wednesdays" where IT sets all the passwords to 12345 (hey, I've got the same combination on my luggage!) and just let the hackers have at it.
Established in 1875 (Score:2)
And still using the same passwords as back then...
Where are the consequences? (Score:2)
I assume the information obtained from all these breaches over the past few years where the ransom was not paid must have been put to some use by the threat actors to reap a profit or inflict damage. But I don't recall seeing any news reports of unauthorized use of that information. These reports of breaches always end with "there is no evidence this information has been used".
So, what is happening with that information? Is it being used for nefarious means but not widely reported? Or is it not being used?