Indianapolis-based Eskenazi Health began notifying more than 1.5 million patients and employees that their data may have been exposed after hackers leaked protected health information to the dark web Fox affiliate WXIN reported Nov. 17.
Four things to know:
- The hospital shut down its computer network and went on diversion Aug. 4 in response to an attempted ransomware attack. Hackers accessed the hospital's network on or about May 19. They also stole patient and employee data and posted some of the information on the dark web. The hospital reported to HHS that 1,515,918 individuals were affected by the breach.
- In notification letters dated Nov. 11, patients are being notified of the cyberattack that began in May. The notification alerts patients that hackers breached the hospital's network using a malicious internet protocol address. Patients' names, Social Security numbers, driver's license numbers, credit card information and medical-related information might have been exposed.
- Todd Harper, a spokesperson for the hospital, told WXIN the letters are being sent to anyone who recently visited Eskenazi. Patients whose information was posted to the dark web will receive different notification letters than other patients.
- Mr. Harper told WXIN that he didn't have any information regarding how many people had their information leaked to the dark web.