NYC Health Records Hack: 1.8 Million Patients' Data Stolen

Nearly 1.8 million people in New York are affected by a massive health data breach. This is one of the largest healthcare hacks this year.
By Newsroom | Health, Technology |

NYC Health and Hospitals (NYCHHC), the largest public health system in the United States, recently revealed that hackers accessed its network, compromising the medical records of approximately 1.8 million individuals. The breach, which was detected on February 2, had been ongoing since November.

Medical records of 1.8 million stolen in attack on largest US public health provider - 1

The compromised data is extensive and deeply personal. Beyond standard medical histories, the intruders gained access to sensitive identifiers like Social Security numbers, driver's license numbers, and taxpayer identification numbers. Financial details were also exposed, including credit and debit card numbers, financial account information, and online account credentials. In a particularly alarming development, the breach also included highly sensitive biometric data, such as fingerprints and palm prints, information that, once stolen, cannot be replaced or altered by the affected individuals. Billing and payment information were also part of the stolen trove.

Read More: Maui float therapy helps wildfire survivors with PTSD concerns

Medical records of 1.8 million stolen in attack on largest US public health provider - 2

Nature of the Breach

The hackers were able to access NYCHHC's network, leading to the exfiltration of personal and medical information. The exact methods used to gain entry and extract the data are still under investigation. However, the scale and type of information compromised point to a sophisticated and targeted operation. Victims have been advised to consider placing fraud alerts or security freezes on their credit files to mitigate potential identity theft and financial fraud.

Medical records of 1.8 million stolen in attack on largest US public health provider - 3

Broader Context of Healthcare Breaches

This incident is not an isolated event but fits into a larger, concerning pattern within the US healthcare sector. In 2024 alone, nearly 600 such 'hacking/IT incidents' were reported, affecting millions of patient records. These breaches frequently involve ransomware attacks and compromise a wide array of personal and medical details, from names and dates of birth to insurance information and treatment specifics. Healthcare business associates also represent a significant point of vulnerability, with a substantial number of incidents stemming from their systems. The financial ramifications are also considerable, with the US consistently reporting the highest average total cost for data breaches annually.

Read More: Free Recycling For Old Computers And Printers Available Now

Medical records of 1.8 million stolen in attack on largest US public health provider - 4

The persistence of these breaches highlights ongoing challenges in safeguarding sensitive patient data within a complex and increasingly digitized healthcare landscape.

Frequently Asked Questions

Q: What happened at NYC Health and Hospitals recently?
Hackers broke into the computer network of NYC Health and Hospitals, the largest public health system in the US. They stole personal and medical information from about 1.8 million people.
Q: What kind of patient information was stolen from NYC Health and Hospitals?
The stolen data includes names, addresses, Social Security numbers, driver's license numbers, and financial details like credit card numbers. Very sensitive biometric data, such as fingerprints and palm prints, was also taken.
Q: When did the NYC Health and Hospitals cyberattack happen?
The system first noticed the hack on February 2, but the hackers had been accessing data since November. The full extent of the breach is still being investigated.
Q: How does this NYC Health and Hospitals hack compare to other healthcare breaches?
This is a very large breach. In 2024, there have been many similar hacking incidents in the US healthcare system, affecting millions of patient records and costing a lot of money to fix.
Q: What should people do if their data was stolen from NYC Health and Hospitals?
People whose information was stolen should consider placing fraud alerts or security freezes on their credit reports to help prevent identity theft and financial fraud.