Back to Data Breach

Data Breach

Banner Health to pay $6 million as settlement for 2016 data breach.

In December 2019, Arizona’s largest healthcare center, Banner Health, agreed to pay $6 million as settlement for a data breach that happened in 2016. The incident compromised the personal data of 3.7 million patients, which included Social Security numbers, dates of services, and health insurance information.

In June 2016, threat actors gained access to the healthcare center's payment processing system. Through the payment system, they managed to move laterally in the network and land in the servers containing personal information of the patients. The breach was discovered only a month later, which then spurred further investigations. 

Soon after Banner Health announced the breach, patients filed a class-action suit arguing that the cyberattack could have put their PHI, personal information, and financial data at risk. The lawsuit also alleged that Banner Health had not taken steps to implement appropriate security measures to protect itself against cyberattacks. As per the terms of settlement, victims can claim reimbursement up to $500 per victim for typical expenses and up to $10,000 for extraordinary expenses. 

Protect yourself against cybersecurity disasters like this by investing in a tool that will protect your network from brute-force attacks, ransomware threats, and denial-of-service (DoS) attacks. Download ManageEngine Log360, a tool that helps combat both internal and external security attacks.

How ManageEngine can help.

Log360, our comprehensive SIEM solution, can help your organization by:

  • Alerting security teams in real time about events that require their immediate attention, such as network attacks, unauthorized access attempts to files or folders, security group membership changes, and account lockouts.
  • Detecting unauthorized network access attempts with its built-in Structured Threat Information eXpression (STIX/TAXII) feeds processor. Log360 also has a global IP threat database that can instantly detect known malicious traffic passing through the network as well as outbound connections to malicious domains and callback servers. 
  • Finding potential insider threats with its user and entity behavior analytics engine, which creates a baseline of normal activities that are specific to each user and notifies security personnel instantly when there's a deviation from this norm.
  • Obtaining important forensic information about incidents. The collected logs can be securely archived to help prove adherence to compliance standards and reduce potential legal penalties during investigations.
  • Automatically raising incidents as tickets to specific technicians in ServiceDesk Plus, JIRA, Zendesk, Kayako, or ServiceNow to create an incident resolution process that's swift and accountable.

Download a free trial of Log360 to see the tool in action for yourself.

© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.