NYC Health + Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people

A massive data breach has compromised the personal and medical information of at least 1.8 million individuals, with hackers also making off with fingerprint scans and other biometric data from NYC Health + Hospitals. The breach, one of the largest of its kind in 2026, has significant implications for the security of sensitive healthcare data. Details of the breach, including the method of attack and vulnerabilities exploited, have not been disclosed, but the theft of biometric data is particularly concerning due to its permanent nature¹. The breach underscores the need for robust cybersecurity measures in healthcare organizations, where sensitive data is often a prime target for attackers. So what matters to practitioners is that this incident highlights the importance of prioritizing data protection and implementing robust security protocols to prevent similar breaches in the future.