"Norton Healthcare Ransomware Hack: 2.5 Million Personal Records Stolen"

Kentucky healthcare organization Norton Healthcare started informing 2.5 million individuals that their personal information was compromised in a ransomware data extortion hack earlier this year. The company said the incident was identified on May 9, 2023, and involved unauthorized access to certain network storage systems for two days. Norton Healthcare runs 140 locations in Greater Louisville and Southern Indiana. The company determined that the attackers had exfiltrated files containing the personal information of current and former patients, employees, and dependents. In mid-November, Norton Healthcare determined that the compromised information included names, contact information, dates of birth, Social Security numbers, health and insurance information, and medical identification numbers. In some instances, the data may include driver’s licenses or other government ID numbers, financial account numbers, and digital signatures. Norton Healthcare noted that its medical record system and the Norton MyChart application service (which allows patients to access their medical records from their mobile devices) were not affected.

SecurityWeek reports: "Norton Healthcare Ransomware Hack: 2.5 Million Personal Records Stolen"