A hacker has claimed responsibility for a data theft incident at Nashville, Tenn.-based HCA Healthcare and has allegedly stolen and posted more than 27 million records for sale on the dark web, DMagazine reported July 11.
The hacker posted the alleged HCA Healthcare data for sale on an online forum on July 5, according to the publication.
"Data is grouped by division into 17 files totaling to 27,700,000 rows. More data is included in the sale. HCA Healthcare have until July 10 to meet the demands," the hacker wrote in a post on a dark web forum.
The hacker also posted some examples of patient data they claimed to have stolen, including patients' names, phone numbers, emails, dates of birth, gender, what hospital they visited and when they visited the facility.
On July 10, HCA Healthcare provided a news release to Becker's stating that the theft affected 27 million rows of data that may include information of about 11 million HCA patients.
HCA could not confirm the exact number of individuals whose data was affected and couldn't pinpoint when the data was posted to the forum.
The data incident has not caused any disruption of services at HCA, and the health system is collaborating with law enforcement and third-party services in the investigation.