A recent data breach at NYC Health + Hospitals has compromised patient data, with hackers gaining unauthorized access for nearly three months before detection1. The incident is attributed to a third-party vendor, marking the second such breach in a matter of weeks. NYC Health + Hospitals has confirmed that the two incidents are unrelated, yet both involve third-party firms hired by the municipal healthcare system. The exact number of affected patients remains undisclosed. The breaches highlight the vulnerabilities associated with third-party vendors and the importance of robust security measures. As a result, NYC Health + Hospitals is notifying affected patients, underscoring the need for organizations to reevaluate their vendor risk management strategies. The breach matters to healthcare practitioners as it underscores the importance of vigilant monitoring and swift action to mitigate potential security threats from third-party vendors.
NYC Health Notifying Patients of 2 Third-Party Hacks
⚡ High Priority
Why This Matters
Policy developments create compliance obligations and strategic constraints for technology organizations.
References
- Bank Info Security. (2026, March 26). NYC Health Notifying Patients of 2 Third-Party Hacks. Bank Info Security. https://www.bankinfosecurity.com/nyc-health-notifying-patients-2-third-party-hacks-a-31214
Original Source
Bank Info Security
Read original →