Over 882K impacted by Hospital Sisters Health System breach

Illinois-based non-profit healthcare system Hospital Sisters Health System had personal and health information from more than 882,000 patients compromised following an August 2023 cyberattack, which had disrupted its operating systems and phone lines, reports BleepingComputer.

Attackers who breached HSHS' systems from Aug. 16 to Aug. 27, 2023, were able to exfiltrate varying types of data from individuals, including a combination of names, birthdates, addresses, Social Security numbers, driver's license numbers, medical record numbers, health insurance details, and treatment information, said the health system, which operates hospitals and physician practices in Illinois and Wisconsin. All impacted individuals have been given complimentary credit monitoring for a year despite lacking evidence suggesting misuse of the compromised data. HSHS' disclosure comes after Connecticut-based healthcare provider Community Health Center confirmed having more than a million people impacted by an October data breach while UnitedHealth disclosed last year's Change Healthcare intrusion to have affected nearly 190 million Americans. Mounting health breaches have prompted the Department of Health and Human Services to propose additional cybersecurity safeguards under the Health Insurance Portability and Accountability Act.