US cancer center City of Hope: data breach impacted 827149 individuals
April 04, 2024
US cancer center City of Hope suffered a data breach that impacted 800,000 individuals, personal and health information was compromised.
City of Hope is a renowned cancer research and treatment center located in Duarte, California, United States. It is recognized for its comprehensive cancer care, innovative research, and compassionate patient support services.
City of Hope suffered a data breach, the organization started notifying 827149 individuals that their personal and health information was compromised.
“While the investigation remains ongoing, the impacted personal information identified thus far varies by individual but may have included name, contact information (e.g., email address, phone number), date of birth, social security number, driver’s license or other government identification, financial details (e.g., bank account number and/or credit card details), health insurance information, medical records and information about medical history and/or associated conditions, and/or unique identifiers to associate individuals with City of Hope (e.g., medical record number).” reads the notice of incident published by the cancer research on its website.
According to the notification letter sent to the impacted individuals, the security breach occurred between July 7, 2023 and October 15, 2023 and was discovered on March 25, 2024. Upon discovery of the security breach the organizations immediately instituted mitigation measures.
The organization notified law enforcement and launched an investigation with the help of a leading cyber security firm. The company determined that threat actors accessed a subset of its systems and obtained copies of some files.
“While there is no indication of any identity theft or fraud occurring as a result of this incident. City of Hope determined that the affected personal information included social security numbers. The investigation remains ongoing.” reads the notification letter.
City of Hope is offering to the impacted individuals two years of complimentary credit monitoring services through Kroll. This identity theft monitoring includes credit monitoring, fraud consultation, and identity theft restoration.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, data breach)