<![CDATA[(malwarebytes.com) Massive Healthcare Data Breach at NYC Health + Hospitals Exposes Sensitive Patient and Employee Data via Third-Party Vendor]]>

<![CDATA[(malwarebytes.com) Massive Healthcare Data Breach at NYC Health + Hospitals Exposes Sensitive Patient and Employee Data via Third-Party Vendor]]>(malwarebytes.com) Massive Healthcare Data Breach at NYC Health + Hospitals Exposes Sensitive Patient and Employee Data via Third-Party Vendor

NYC Health + Hospitals breach exposes 1.8M records, including biometric data, via third-party vendor compromise (Nov 2025–Feb 2026).

In brief - A supply-chain attack on NYC H+H via an unnamed vendor led to the exposure of PII, medical records, and biometric data for 1.8M individuals. The incident underscores third-party risks in healthcare and the long-term impact of biometric data theft.

Technically - Attackers exploited a vendor vulnerability to gain persistence in NYC H+H’s network, exfiltrating PII, medical/insurance records, and biometric data (fingerprints/palm prints). The breach aligns with FBI-reported ransomware trends targeting healthcare. Mitigation requires vendor risk management, MFA, encryption, and continuous monitoring of sensitive data.

Source: https://www.malwarebytes.com/blog/news/2026/05/biometrics-diagnoses-and-bank-details-exposed-in-major-healthcare-breach

#Cybersecurity #ThreatIntel

]]>https://board.circlewithadot.net/topic/8e1f6abf-df7a-43fa-a486-aa3da50ce701/malwarebytes.com-massive-healthcare-data-breach-at-nyc-health-hospitals-exposes-sensitive-patient-and-employee-data-via-third-party-vendorRSS for NodeMon, 25 May 2026 12:11:17 GMTTue, 19 May 2026 16:57:57 GMT60