HCA data breach may have exposed 11 million patients' records, some posted online

Nashville, Tenn.-based HCA Healthcare reported a cybersecurity incident exposing the information of 11 million patients.

The health system, which includes 180 hospitals and 153 ASCs, reported July 10 an unauthorized party posted patient data to an online forum. The posted data includes patient names, emails, phone numbers, birth dates, service date, location and zip code.

Patients' credit card, Social Security numbers and diagnoses were not breached.

According to HCA, the information was taken from an external storage location used to automate formatting of email messages and the incident did not disrupt patient care. The company doesn't believe the incident will materially impact its business, operations or financial results.

HCA disabled user access to the storage location and plans to contact the 11 million patients affected to provide additional information and support.

Subscribe to the following topics: nashvillehca healthcarecybersecurityincidentpatient data

Copyright © 2025 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


You can unsubscribe from these communications at any time. For more information, please review our Privacy Policy.
 

Articles We Think You'll Like

Featured Whitepapers

Featured Webinars

Thank you so much for your interest in our content. Please register to access this complimentary archived content. By registering, you will receive our newsletter which can be opted out of at any time.

 

 

Already Registered? Click here to confirm.