MedStar Health notifying patients of data theft breach

MedStar Health, which operates 10 hospitals and 300 other care sites in Maryland, Virginia and Wash. D.C., is notifying a yet-undisclosed number of patients of a data theft incident affecting their sensitive information. Ransomware group Rhysida claims on its darkweb leak site to have 3.7 terabytes of MedStar’s stolen data, including “over 7 million pieces of patients’ personal data.”

MedStar in a breach notice posted on its website said it began on Dec. 3 to notify affected individuals by mail.

“On Oct. 4, we learned about a cybersecurity incident in which an outside party gained unauthorized access to MedStar Health’s systems that included patient information,” the notice said.

Read more at Healthcare Info Security