Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hospital Sisters Health System impacted 882,782 individuals

The cyberattack on Hospital Sisters Health System in 2023 compromised the personal information of 883,000 individuals. The cyberattack that hit the infrastructure of the Hospital Sisters Health System (HSHS) in August 2023 impacted the personal information of 882,782 individuals. The systems at the hospital were brought down by the attack starting on August 27, 2023, […]

Signature Healthcare

The cyberattack on Hospital Sisters Health System in 2023 compromised the personal information of 883,000 individuals.

The cyberattack that hit the infrastructure of the Hospital Sisters Health System (HSHS) in August 2023 impacted the personal information of 882,782 individuals.

The systems at the hospital were brought down by the attack starting on August 27, 2023, the healthcare organization confirmed that the security breach disrupted internal systems, some applications, communications, online payments, and the HSHS website. The outage of the impacted systems lasted several days.

HSHS immediately notified law enforcement and began an investigation into the cyber incident with the help of a leading forensic security firm. The investigation revealed that the threat actors breached the NSHS’s network from August 16 to 27, and gained access to multiple files containing personal information.

“On August 27, 2023, HSHS discovered an unauthorized third party gained temporary access to HSHS’s network. Upon learning of the situation, we immediately took steps to contain and remediate the incident and launched an internal investigation. We also reported the incident to law enforcement and engaged a leading forensic security firm to assist in our investigation and confirm the security of our computer systems and network. The forensic investigation determined that the unauthorized third party accessed certain files on our network between August 16 and August 27, 2023.” reads the data breach notification shared with the Maine Attorney General. “We have since been reviewing those files and notifying individuals whose information was found in the files on a rolling basis as our review has continued.”

The type of information exposed in the attack varied for each individual, it may have included names, addresses, dates of birth, medical record numbers, limited treatment information, health insurance information and Social Security numbers and/or driver’s license numbers.

The Hospital Sisters Health System pointed out that they have no reason to believe that compromised personal information has been misused for malicious purposes.

HSHS is offering free identity theft protection and credit monitoring to affected individuals.

In January 2025, another healthcare provider, the Community Health Center (CHC), revealed that a data breach impacted over 1 million patients in Connecticut.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Hospital Sisters Health System)