Hospitals, Health IT

Banner Health hacked, exposing data on 3.7M people

This incident doesn’t seem to have targeted only patient records. Instead, at least one hack hit food and beverage stations at Banner facilities in four states.

Banner Health

Banner Health is the latest major health system to fall victim to cyberattacks, but this incident doesn’t seem to have targeted only patient records. Instead, at least one hack hit food and beverage stations at Banner facilities in four states.

The Phoenix-based  organization disclosed Wednesday that it is contacting 3.7 million people — patients, health plan members, clinicians and visitors who purchased food and beverages at many locations.

Sponsored Post

Physician Targeting Using Real-time Data: How PurpleLab’s Alerts Can Help

By leveraging real-time data that offers unprecedented insights into physician behavior and patient outcomes, companies can gain a competitive advantage with prescribers. PurpleLab®, a healthcare analytics platform with one of the largest medical and pharmaceutical claims databases in the United States, recently announced the launch of Alerts which translates complex information into actionable insights, empowering companies to identify the right physicians to target, determine the most effective marketing strategies and ultimately improve patient care.

Banner said that it discovered July 7 that hackers “may have gained unauthorized access to computer systems that process payment card data at food and beverage outlets” between June 23 and July 7. The attack sought credit and debit card information at 27 food stands in Arizona, Alaska, Colorado and Wyoming.

On July 13, Banner Health then discovered a breach of patient, beneficiary and staff data that the organization said began June 17. According to the health system:

The patient and health plan information may have included names, birthdates, addresses, physicians’ names, dates of service, claims information, and possibly health insurance information and social security numbers, if provided to Banner Health. The physician and provider information may have included names, addresses, dates of birth, social security numbers and other identifiers they may use.

Banner Health said it stopped accepting electronic payment cards for food and beverage for an unspecified time period, but that it has since gone back to accepting credit and debit cards.

Banner will offer a year of credit monitoring to the 3.7 million people affected by these breaches. The organization has set up a website and a hotline (855-223-4412) to answer questions about the incidents.

Photo: University of Arizona