1. Forum
  2. tqwNet
  3. TQW GENTECH

  • NYC Health + Hospitals says mega data breach allowed hackers to s

    From TechnologyDaily@1337:1/100 to All on Tuesday, May 19, 2026 15:30:31
    NYC Health + Hospitals says mega data breach allowed hackers to steal
    personal data, medical records, and fingerprints scans of around 1.8 million people

    Date:
    Tue, 19 May 2026 14:25:00 +0000

    Description:
    Fingerprints and palm prints can never be changed, which makes this attack that much more dangerous.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter NYC Health + Hospitals confirms cyberattack exposed sensitive data on 1.8 million individuals Stolen information includes medical records, government IDs, geolocation data, and biometric fingerprints and palm prints The breach stemmed from a thirdparty vendor flaw, raising longterm risks of fraud, impersonation, and targeted phishing NYC Health + Hospitals (NYCHHC), the public healthcare system of New York City and the largest municipal healthcare network in the United States, has confirmed it suffered a cyberattack in which it lost highly sensitive
    data on 1.8 million people.

    Among the stolen data are fingerprints and palm prints, which can never be changed, making this breach even more disruptive. Citing a data breach notice published on the NYCHHC website, TechCrunch says the attack started in November 2025, and lasted until February 2026, when the criminals were
    finally spotted and removed from the network. During this time, however, they were able to exfiltrate sensitive data on 1.8 million people, including patients health insurance plan and policy information, medical information (e.g., diagnoses, medications, tests, and imagery), billing, claims, and payment information. Latest Videos From You may like Millions possibly affected by data breach at dermatology giant QualDerm TriZetto data breach: health tech giant reveals personal info of 3.4 million users may have been affected Healthcare tech firm CareCloud admits data breach, says hackers accessed patient info here's what we know Third-party supply chain attack Social Security numbers, passports, and drivers licenses were apparently also compromised, and to make matters even worse, NYCHHC said the attackers also walked away with precise geolocation data.

    But the most valuable data stolen are definitely fingerprints and palm
    prints. We dont know exactly how many people are affected, and whether or not these are employees, patients, or both, but according to TechCrunch , NYCHHC requires employees to enroll their fingerprints for criminal records checks.

    The incident was reported to the US Department of Health and Human Services.

    NYCHHC said the criminals exploited a flaw in an unnamed third-party vendor. For Chris Debrunner, CISO at CBTS, this isnt much of a surprise, since healthcare organizations are interconnected by design. However, this also means third-party risk and the third-parties they are using cannot be treated as a procurement checkboxes or an annual compliance checkbox. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get
    all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
    your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    The downstream risk and impact to the affected individuals could last well beyond the initial mitigations, Debrunner commented. Medical information, government IDs, location data, and biometrics could all be used successfully for targeted phishing, impersonation , fraud, and social engineering not just the ones directly impacted, but potentially to extended family and acquaintances. Third-party access needs to be limited, monitored, and tied to clear inventories of roles, data and systems. In these sensitive
    environments, security has to be continuously measured by how quickly you can detect and mitigate before ever getting to the point of recovery." The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/nyc-health-hospitals-says-mega-data-bre ach-allowed-hackers-to-steal-personal-data-medical-records-and-fingerprints-sc ans-of-around-1-8-million-people


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)