Slashdot Mirror

← Back to Stories (view on slashdot.org)

Banner Health Alerts 3.7 Million Potential Victims of Hack (bannerhealth.com)

Posted by BeauHD on from the victims-of-cyber-attacks dept.

New submitter Netdoctor writes: Apparently Banner Health is the latest victim of a cyber attack, with the Health conglomerate reporting on two incidents in July. While not all Banner customers were affected, payment details as well as customer information were leaked, according to their news brief. Some 3.7 million people are potentially affected by the attack, including patients, health plan members, healthcare providers and customers at its food and beverage outlets. Card payments for medical services appear to be safe. The company is offering a free one-year membership in monitoring services to those who are affected by the breach. Banner Health said in a statement: âoeThe patient and health plan information may have included names, birthdates, addresses, physiciansâ(TM) names, dates of service, claims information, and possibly health insurance information and social security numbers, if provided to Banner Health."

4 of 30 comments (clear)

  1. Good timing by Anonymous Coward · · Score: 5, Funny

    I only have six free credit monitoring services from previous breaches and two are set to expire in a few months.

  2. I think it's time for the corporate death penalty. by dgatwood · · Score: 2

    We keep seeing companies losing the highly private health data of millions of people. At this point, in my opinion, the only thing that will stop this is a couple of high-profile companies getting successfully sued or fined out of existence. If companies see the most likely punishment as a small slap on the wrist with little chance of getting caught in the first place, then they'll continue to be sloppy with medical records and other similarly private data. If a couple of dozen insurance companies went Chapter 7 overnight, that would serve as sufficient warning to others that this sort of nonsense will not be tolerated, and the others would be forced to pay attention and take security and privacy seriously.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  3. Why Try by psyclone · · Score: 3, Insightful

    Why even try to secure information anymore - just make it all public.

    Only need a way to not use all this info to spoof an identity for financial gain. If the Social Security Admin listed all the names & birthdays & numbers online, I'm sure industry would figure it out. Right?

    1. Re:Why Try by ShanghaiBill · · Score: 3, Insightful

      Why even try to secure information anymore - just make it all public.

      Bingo. This is the solution. It is idiotic to have numbers, including SSNs and CC numbers, that need to be both secret and widely known. Everyone I have ever done business with (as an employee, contractor, contractee, patient, client, etc.) knows my SSN. Every waiter in most local restaurants has had access to my CC numbers along with the super secret 3-digit code that is printed directly on the card in plain view. It is absurd that someone can establish and use credit in my name with mere knowledge of these numbers. These numbers should be public so there can be no presumption that they are secret, and there should be a separate system of authentication that is not based on knowing semi-public information.