Banner Health has suffered a massive cyberattack potentially affecting 3.7 million individuals, including patients, health plan members and beneficiaries, providers, and even those who bought food and beverages with a payment card.

The hackers hit a “limited” number of computer services as well as the computer systems that process food and beverage purchases.

Phoenix-based Banner said the attack was discovered on July 13, with indications suggesting that it had started on June 17. All affected individuals are being offered one year of credit/identity protection services from Kroll.

Banner on behalf of providers is notifying the Drug Enforcement Agency and providers’ licensing boards.

Patient data compromised could include names, birth dates, addresses, Social Security numbers, physician names, dates of service, clinical information and possibly health insurance information, according to the organization.

Compromised provider information could include names, addresses, dates of birth, DEA numbers, Tax Identification numbers, National Provider Identifiers and Social Security numbers.

Health plan member and beneficiary information at risk could include names, birth dates, Social Security numbers, addresses, dates of service and claims information, and health insurance information.

In Banner’s statement on the incident, the delivery system now says payment cards can be used with confidence at its food and beverage facilities.

(This article appears courtesy of our sister publication, Health Data Management)

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access