Banner Health based in Arizona recently suffered data breach when it had incident of cybersecurity attack. It potentially affected 3.7 million patients, members and beneficiaries, providers, and food and beverage outlet customers. According to the Banner Health, cyberattack affected “a limited number of Banner Health computer servers as well as the computer systems that process payment card data at certain Banner Health food and beverage outlets.”
“Banner is committed to maintaining the privacy and security of information of our patients, employees, plan members and beneficiaries, customers at our food and beverage outlets, as well as our providers,” Banner Health President and CEO Peter Fine said in a statement.
Affected patients included names, dates of birth, addresses, physicians’ names, dates of service, clinical information, and possibly health insurance information accessed. Social Security numbers were also included in the breach those who provided the same. Also, members and beneficiaries got their names, dates of birth, Social Security numbers, addresses, dates of service and claims information, and health insurance information as a current or former health plan member or beneficiary exposed. Payment cards used at 27 different Banner Health locations was also affected which was used during certain date range.
Banner’s affected facilities includes Arkansas, Arizona, Colorado, and Wyoming.
“The attackers targeted payment card data, including cardholder name, card number, expiration date and internal verification code, as the data was being routed through affected payment processing systems,” Banner said.
Names, addresses, dates of birth, DEA (Drug Enforcement Agency) numbers, TINs (Tax Identification Number), NPIs (National Provider Identifiers) numbers, or Social Security numbers may have been affected for the providers. Banner sent data breach notification letters to those potentially affected.
“We have returned to accepting all forms of payment at food and beverage facilities. You can use your payment card with confidence,” Banner explained. “This incident did not affect payment cards used for payment of medical services.”
Alertsec is used by organizations that have recognized the need to protect their information. Over 4 million users worldwide use Alertsec Check Point Full Disk Encryption.