International Cyber Expo International Cyber Expo
  • About Us
Sunday, 12 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

HCA Healthcare Falls Victim to Data Security Incident

Tennessee-based based HCA Healthcare has confirmed a data security incident that sees approximately 11 million patients across 20 states have their data stolen.

by The Gurus
July 11, 2023
in Featured
HCA data breach
Share on FacebookShare on Twitter

One of the largest healthcare providers in the US, HCA confirmed the breach on Monday 10 July. The data was taken from an external storage location exclusively used to automate the formatting of email messages. Taken from its statement, HCA confirmed that the stolen list contains information used for email messages, such as reminders that patients may wish to schedule an appointment and education on healthcare programs and services.

It also confirmed the information taken did not include clinical information, such as treatment, diagnosis, or condition, payment information, such as credit card or account numbers or sensitive information, such as passwords, driver’s licence or social security numbers.

Discussing the breach, Darren James, Senior Product Manager at Specops Software, said: “Once again, we see that globally healthcare organisations are a high-value target for cyber criminals. HCA claims they offer cyber security awareness education to their employees and vendors, but this once again proves that training needs to be reinforced by policy. All organisations can improve their security posture quickly by improving and enforcing their password policy so that it complies with NIST and HIPAA requirements. Implementing 2FA/MFA reduces the risk even further. Allegedly HCA was contacted by the hacker on the 4th July, and the data, including that of 11 million patients, was offered for sale on a forum on the 5th July. It appears that no ransomware was deployed in this breach, or that it may have been contained, as HCA’s operations do not appear to have been affected so this attack seems to be driven purely for financial gain.” 

Looking at how the breach could have happened, Etay Maor, Senior Director of Security Strategy at Cato Networks, commented; “’The breach could have resulted from sophisticated methods like phishing, malware, ransomware, or exploiting vulnerabilities in the healthcare provider’s security. However, without further details, it remains challenging to attribute the breach to a specific source or determine its exact nature,”  

Maor went on to discuss how; “Healthcare organisations must take immediate action to strengthen cybersecurity measures in light of this concerning incident involving a major breach of personal data held by HCA. This serves as a stark reminder of the potential consequences of lax data security, including financial losses, legal liabilities, and reputational damage. To regain and maintain the trust of customers and stakeholders, healthcare entities must prioritise data protection by implementing stringent privacy policies, investing in robust cybersecurity infrastructure, and conducting regular audits to identify vulnerabilities. Proactive measures like employee training, encryption technologies, and continuous system monitoring are essential for safeguarding sensitive data. Collaboration and information sharing among organisations are critical in mitigating risks and combating evolving cyber threats. This serves as a wake-up call for healthcare organisations to prioritise data security not just for regulatory compliance, but also to ensure the trust and confidence of customers in an interconnected and data-driven world.”

Javvad Malik, lead security awareness advocate at KnowBe4 agrees with Maor on the possibly way this breach happened, saying; “When we look at healthcare breaches, the three most common ways that data is breached is through social engineering such as phishing emails, or through employees not taking care of their passwords and credentials. Either by reusing passwords, leaving machines unlocked in public areas, or having passwords written down on post-it notes on monitors. The third way is by exploiting unpatched software. What all of this points to is the lack of an overall culture of security, in which cyber security is embedded throughout the organisation and each department and individual playing their part in ensuring the safety of the information.” 

HCA’s statement also mentioned that its ongoing investigation has not identified evidence of any malicious activity on HCA Healthcare networks or systems related to this incident. The company disabled user access to the storage location as an immediate containment measure and plans to contact any impacted patients to provide additional information and support. 

ShareTweet
Previous Post

Cyber Mindfulness Corner Company Spotlight: Exabeam

Next Post

Cato Networks Extends ZTNA to Protect Against Insider Threats

Recent News

Cyber Shield

UK Government Unveils AI Powered Cyber Shield to Strengthen National Cyber Defense

July 10, 2026
KnowBe4 phishing by industry

Healthcare, Hospitality and Construction Named UK’s Most Phishing-Prone Industries

July 10, 2026
hand typing on keyboard

CitrixBleed 2 exploited in repeatable attack chain culminating in DragonForce ransomware, researchers find

July 9, 2026
malware

Huntress Uncovers ‘Vibe-Coded’ Malware Used to Map Active Directory Environments

July 8, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol