Cyber attackers hit Banner Health systems

A cyber attack may have affected approximately 3.7 million people associated with Banner Health, the Phoenix-based system that runs three hospitals and dozens of clinics in Northern Colorado.

Banner Health said Wednesday that it is mailing letters to approximately 3.7 million patients, health plan members and beneficiaries, food and beverage customers, physicians and health-care providers related to the attack.

Bill Byron, vice president for public relations at Banner, said the system immediately launched an investigation, hired a leading forensics firm, took steps to block the cyber attackers, and contacted law enforcement.

SPONSORED CONTENT

Business Cares: May 2024

As Mental Health Awareness Month unfolds in Colorado, it serves as a reminder of the collective responsibility to prioritize mental well-being.

“We are anticipating that people in Northern Colorado were affected,” he said. Banner runs McKee Medical Center in Loveland, North Colorado Medical Center in Greeley and Banner Fort Collins Hospital.

The attack came in two parts, Byron said. One involved payment cards at food-service areas in the hospitals, while the other involved personal information from patients, employees and providers, including medical records.

Banner discovered on July 7 that cyber attackers may have gained unauthorized access to computer systems that process payment-card data at food and beverage outlets at some Banner Health locations. The attackers targeted data including cardholder name, card number, expiration date and internal verification code, as the data was being routed through affected payment processing systems between June 23 and July 7. The investigation revealed that the attack did not affect payment-card payments used to pay for medical services.

On July 13, Banner learned that the attackers may have gained unauthorized access to patient information, health plan member and beneficiary information, as well as information about physician and health-care providers, possibly including names, birthdates, addresses, physicians’ names, dates of service, claims information, and health-insurance information and Social Security numbers.

This incident did not affect all Banner Health patients or health plan members and beneficiaries, according to a statement from Banner.

Byron said Banner Health worked quickly to block the attackers and is working to enhance the security of its systems in order to help prevent this from happening in the future. Banner Health is also working with the payment-card networks so banks that issue the cards can be made aware and initiate heightened monitoring on the affected cards.

“Customers should be assured that they can confidently use payment cards at Banner Health food and beverage outlets,” a Banner Health statement said.

The system is encouraging food and beverage customers to remain vigilant to the possibility of fraud by reviewing their payment-card statements for any unauthorized activity. These customers should immediately report any unauthorized charges to their card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner.

Banner Health also is recommending that patients review the explanation of benefits statements they receive from their health insurer. If they see any services they did not receive, the patient should contact the insurer immediately.

Byron said customers with questions can call 1-855-223-4412, from 8 a.m. to 8 p.m. Mountain time, seven days a week. The system is offering affected people free credit and identity monitoring for a year and fraud restoration services if necessary, Byron said.