NYC Health and Hospitals (NYCHHC), the largest public healthcare system in the US, announced that a cyberattack resulted in the theft of personal and medical data, as well as fingerprints, of at least 1.8 million patients. Hackers accessed the system through a third-party provider and copied data between November 2025 and February 2026. This is reported by Techcrunch.com reports .
The stolen data includes patients' health insurance policies, diagnoses, prescribed medications, payment information, social security numbers, passports, and driver's licenses. Precise geolocation data recorded at the time of document uploads may also have fallen into the hands of the hackers.
The most concerning aspect of the situation is that hackers obtained biometric data of patients and employees, specifically fingerprints and palm prints. Since biometric data is immutable, its exposure poses long-term security risks for the victims.
NYCHHC representatives stated that network security was restored once the cyberattack was detected. So far, the organization has not commented on hacker demands or the reasons for the delayed detection of the attack. Experts consider this incident one of the largest medical data breaches of the year.
Read “Zamin” on Telegram!
