Community Health Center discloses massive patient data breach.gettyUpdate, Feb. 2, 2025: This story, originally published Jan. 31, now includes further expert comments on the cybersecurity challenges facing healthcare providers following this latest medical records breach and a ransomware attack against a major blood donor group in New York.With ransomware attacks reaching record numbers, and more than a billion stolen passwords for sale on the dark web, Im constantly amazed that there arent more data breaches, if Im honest. Not that it makes it any the less shocking when a healthcare provider discloses that the medical records of a million patients have been compromised. Heres what we know about the Community Health Center security incident.More Than A Million Medical Records StolenIn a Jan. 30 filing to the Office of the Maine Attorney General, Connecticut-based healthcare provider Community Health Center has disclosed a data breach, first discovered Jan. 2, has impacted more than a million patients following a successful attack by unknown threat actors who gained access to its networks.In a letter to impacted patients, seen by this reporter, Mark Masselli president and CEO at Community Health Center, Inc., said, that investigators had determined that a skilled criminal hacker got into our system and took some data, which might include your personal information. This doesnt appear to have been a ransomware attack, as Masselli said no data was deleted or encrypted, and the hack didnt impact healthcare operations. We believe we stopped the criminal hackers access within hours, Masselli said, and that there is no current threat to our systems.There is, however, the small matter of the files that the hacker stole: files containing patients personal and health information belonging to 1,060,936 individuals. The stolen data is understood to include:Patient NamesDates of BirthContact InformationSocial Security NumbersMedical DiagnosesTreatment DetailsTest ResultsHealth Insurance DetailsMORE FOR YOUA Medical Records NightmareThis incident highlights the urgency of securing healthcare infrastructuresprotecting not just patient data, but the broader ecosystem of communication, collaboration, and care delivery, Emily Phelps, a director at Cyware, said, Incidents in this sector underscore the ongoing risks healthcare providers face, with attackers gaining access to sensitive data like names, medical diagnoses, and insurance details.Although the Community Health Center attack is not thought to have been ransomware-related, the same cannot be said for the latest healthcare hack. As I reported Feb. 1, the New York Blood Center has been hit by ransomware scumbags who have disrupted the blood donation process of a major blood supplier to 200 hospitals with all the possible consequences that come with such an irresponsible action.Dr. Ilia Kolochenko, CEO at ImmuniWeb and a Fellow at the British Computer Society, told me that healthcare will probably be the most desirable target for ransomware groups in 2025 for three key reasons. First is funding, with most healthcare organizations surviving mostly thanks to governmental subsidies or charity donations, Kolochenko said, this makes healthcare institutions a low-hanging fruit for unscrupulous cybercriminals, who are unwilling to spend a lot of time and effort to pierce multilayered cyber defense of, say, wealthy financial institutions. Then theres the more likely to pay weakness that is introduced by the very nature of the business these organizations are in, where human life is more important than money. Knowing this, Kolochenko said, ransomware groups usually start with a six- or even seven-digit bid, then significantly reduce it to something that the victim can pay, naively believing that it got a great deal. And finally, healthcare providers can handle very sensitive data of politicians, celebrities and wealthy executives, making attacks against healthcare unprecedently lucrative compared to most other sectors, Kolochenko concluded.Masselli, meanwhile, said that Community Health Center had strengthened our security and added special software to watch for suspicious activity, although this will be of cold comfort to those patients whose medical records have been compromised. Given that the attacker also has access to names, dates of birth and health insurance details, this could be an extortion nightmare waiting to unfold.