Phoenix-based Banner Health is notifying patients of a cyberattack that compromised patient records.
How many victims? 3.7 million potential victims
What type of information? Names, birthdates, address, physician names, dates of service, clinical information, possibly health insurance information, and Social Security numbers were all compromised in the breach.
What happened? On June 17, attackers gained unauthorized access to information stored on an unspecified number of Banner Health computer servers after an attack was initiated.
What was the response? On July 13, administrators learned of the incident and launched an investigation, hired a forensics firm, took steps to block the attacks and contacted law enforcement.
Quote: “According to our information, the incident may be related to the same group that previously attacked several U.S.-based healthcare institutions (in March/April 2016). As of today [Aug. 4], the stolen data is not available for sale in the underground,” Andrew Komarov, chief intelligence officer at InfoArmor, told SCMagazine.com via emailed comments.
Source: Data Breach notification letter/Andrew Komarov, chief intelligence officer, InfoArmor