More than 1.3 million people were impacted in a data breach at Broward Health, the Florida hospital system has revealed.
The incident was disclosed on January 1, 2022, when the organization announced that unauthorized access to a third-party medical provider resulted in patient and employee data being compromised.
The threat actor gained access to the system on October 15 and the intrusion was discovered on October 19, the organization said.
On January 1, Broward Health, which operates over 30 healthcare facilities in Broward County, started informing the impacted individuals of the incident.
A copy of the notification letter submitted to the Maine Attorney General’s Office reveals that potentially compromised data includes names, birth dates, contact information (addresses and phone numbers), driver’s license numbers, Social Security numbers, financial information, insurance data, and medical information such as condition, diagnosis, medical history, treatment and medical record number.
“This personal information was exfiltrated, or removed, from Broward Health’s systems, however, there is no evidence the information was actually misused by the intruder,” the company said.
Broward Health also told the Maine Attorney General’s Office that the data of roughly 1,358,000 people was impacted in the incident.
The organization says that it has reset passwords of employees, has implemented multi-factor authentication on all systems, and has started implementing “minimum-security requirements for devices that are not managed by Broward Health Information Technology that access our network, which will become effective in January 2022.”
Broward Health also says that it does not have indications that the compromised information might have been misused or used to commit fraud.
Related: Broward Health Hit With Data Breach on Patients, Staff
Related: Saltzer Health Informs Patients of Personal Information Exposure
Related: Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients
More from Ionut Arghire
- Critical WooCommerce Payments Vulnerability Leads to Site Takeover
- PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw
- CISA Gets Proactive With New Pre-Ransomware Alerts
- CISA, NSA Issue Guidance for IAM Administrators
- Cisco Patches High-Severity Vulnerabilities in IOS Software
- ‘Nexus’ Android Trojan Targets 450 Financial Applications
- ‘Badsecrets’ Open Source Tool Detects Secrets in Many Web Frameworks
- Chrome 111 Update Patches High-Severity Vulnerabilities
Latest News
- US Charges 20-Year-Old Head of Hacker Site BreachForums
- Tesla Hacked Twice at Pwn2Own Exploit Contest
- CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections
- Critical WooCommerce Payments Vulnerability Leads to Site Takeover
- PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw
- CISA Gets Proactive With New Pre-Ransomware Alerts
- Watch on Demand: Supply Chain & Third-Party Risk Summit Sessions
- TikTok CEO Grilled by Skeptical Lawmakers on Safety, Content
