US healthcare giant HCA Healthcare announced that about 11 million patients’ data has been stolen and was posted on an online forum. In an announcement made on July 10, 1023 on its web site, HCA Healthcare said that stolen data included Patient name, city, state, and zip code; Patient email, telephone number, date of birth, gender; and Patient service date, location and next appointment date. The company further confirmed that the data didn’t include client health information, payment information such as credit cards or account numbers, or personal information, such as passwords, driver’s license or social security numbers.
It’s not clear how the data was stolen. The company said the data theft was from “an external storage location exclusively used to automate the formatting of email messages.” The company disabled user access to the storage location as an immediate containment measure and plans to contact any impacted patients to provide additional information and support.
HCA Healthcare operates 182 hospitals and over 2,300 sites of care in 20 US states and the United Kingdom, employing 290,000 people.
Read more about it here.