Banner Health, one of the largest healthcare providers in Arizona, recently announced that a cyberattack may have compromised the personal information of up to 3.7 million individuals.
The data breach was found to have initiated on June 17, 2016 on computer systems that process payment card data at certain Banner food and beverage locations. Sensitive information such as payment cardholder name, number, expiration date and internal verification code was targeted.
Payment cards used at food and beverage outlets at certain Banner Health locations during the two-week period between June 23, 2016 and July 7, 2016 may have been affected.
Banner Health then learned that the cyberattack had also expanded to provide hackers with access to patient information, health plan member and beneficiary information, as well as information about physician and healthcare providers.
Whether the breach was limited to the data of individuals who obtained healthcare at just the specified Banner locations or if it was more widespread remains unknown at this time.
Banner Health is based in Phoenix with locations in Alaska, Arizona, California, Colorado, Nebraska, Nevada and Wyoming.
On August 3rd, Banner Health began to mail out official notices of the data breach.
The information that has been compromised in the Banner Health data breach may include patients’ names, birthdates, addresses, dates of service, clinical details, physicians’ names, health insurance information, and social security numbers.
MEMBERS AND BENEFICIARIES
Current or former Banner Health plan members or beneficiaries of a Banner Health employee benefits plan may also have been affected by this data breach. The information involved in the cyberattack may have included names, birthdates, addresses, social security numbers, dates of service, claim details, and health insurance information.
FOOD AND BEVERAGE OUTLET CUSTOMERS
Customers who made transactions using payment cards at Banner Health’s food and beverage locations at the time of the breach may have compromised their payment card data including cardholder name, card number, expiration date, and verification code.
Banner Health providers are also at-risk of their information being compromised in this data breach. Targeted information may include names of providers, addresses, dates of birth, social security numbers, Drug Enforcement Agency numbers, Tax Identification Numbers, and National Provider Identifiers numbers.
Further information of how patients, members and beneficiaries, food and beverage outlet customers, and health providers have been affected in the Banner Health data breach can be found here.
BANNER HEALTH DATA BREACH LAWSUIT
The Faraci Lange team has been at the forefront of representing consumers in cybersecurity cases. Most recently, Faraci Lange attorney Hadley L. Matarazzo was appointed Co-Lead Counsel in the Excellus data breach class action litigation, which is one of the largest corporate data breaches in history.
Stay up to date on the Banner Health data breach lawsuit here.