Delayed Reporting of HCA Healthcare Data Breach


The recent HCA Healthcare data breach of 11 million patients’ data is shaping up to be another ugly incident where a company did not promptly communicate with its customers. HCA Healthcare is a large American healthcare services organization that covers 180 hospitals and over two thousand care centers across 20 states. The loss of data is bad, as it includes 27 million rows and contains identity, contact, birthdate, and email data that potentially infer health diagnosis information.

But what is even more concerning is the company chose to not announce the breach and inform victims until after it was made public by security researchers who saw the data for sale on the dark web.

According to reports, the hacker contacted HCA on July 4th to extort money with a deadline of July 10th. The attackers provided a sample as proof of the breach on a hacking forum. On July 5th saw the data for sale on a darknet and reached out to HCA Healthcare, asking if they had been breached. HCA Healthcare did not respond.

It was not until July 10th that HCA Healthcare posted a notification that they were breached.

Image Source:

Why wait a week, which coincides with the ransom deadline? The delay was probably due to a lengthy investigation to confirm that sensitive data was exposed. A quick cross-check of the sample provided by the supposed attacker should have been sufficient. However, one could speculate they may have been considering paying the ransom, in hopes to keep the breach quiet — but that would be unethical. I hope that is not the case, but given the delay, it seems the public perception is leaning to be suspicious of HCA Healthcare’s motives, which will further erode customer trust and their brand. It may also lead to additional lawsuits.

The official notification, located on the HCA Healthcare site, provides a comprehensive list of facilities, organized by state, for customers to better understand if they are affected.

How do you rate this article?


Matthew Rosenquist
Matthew Rosenquist

Cybersecurity Strategist specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security for our digital world.

Cybersecurity Tomorrow
Cybersecurity Tomorrow

Cybersecurity strategy perspectives for the emerging risks and opportunities of securing our digital world. The insights of today will lead to tomorrow's security, privacy, and safety foundations.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.