3.7 Million Patients and Customers Hit in Arizona Cyber Attack
Banner Health, a nonprofit healthcare system based in Phoenix, announced 3.7 million individuals’ data was breached in a hacking incident. Hackers gained access to computer systems that process payment card data used to purchase food and beverages at some Banner locations and may have gained access to systems that stored protected health information (PHI), according to the organization’s statement.
The payment card breach began June 23 and was detected July 7. Banner released a list of affected locations. Breached payment card data includes:
- Cardholder name
- Card number
- Expiration date
- Internal verification code
This attack did not affect payment card systems used for medical services, Banner said in its statement.
On July 13, Banner discovered that the hackers also accessed some patients’ PHI beginning June 17. Hackers breached patient data as well as physician and provider information. Affected patient data includes:
- Names
- Addresses
- Birth dates
- Physician names
- Dates of service
- Claims information
- Health insurance information
- Social Security numbers
Banner notified affected individuals and the payment card networks. Affected patients, physicians, providers, and food and beverage customers are being offered free one-year credit monitoring services. Banks which issued the affected the cards will be notified by the payment card networks. Affected individuals are advised to carefully review any payment card transactions or insurance claims and report incorrect information to the payment card issuer or health insurer.