Cyber Incident Victim: Trinity Health

In early January 2021, Trinity Health Corporation experienced a data breach involving unauthorized access to patient files hosted on Accellion’s file transfer platform. The Livonia, Michigan-based health system confirmed that attackers successfully downloaded sensitive patient data during the security incident. By April 8, 2021, Trinity Health reported to the U.S. Department of Health and Human Services’ breach portal that 586,869 individuals were affected by this breach. The compromised information included patient files stored on the third-party file transfer system, though specific data elements were not detailed in public disclosures. This incident formed part of a broader cyberattack campaign targeting vulnerabilities in Accellion’s legacy file transfer appliance (FTA), which had been exploited by threat actors to access data across multiple organizations.

The breach at Trinity Health contributed to a cumulative total of approximately 3.38 million victims affected by the Accellion FTA attacks across at least eight healthcare organizations nationwide. Other healthcare entities similarly experienced data exfiltration through the same compromised file-sharing platform during the coordinated campaign. Trinity Health’s disclosure did not specify whether ransomware was deployed or whether patient data appeared on illicit forums following the breach. Becker’s Hospital Review documented the scale of impacted individuals while noting that Trinity Health’s report represented one segment of the wider attack chain. No additional operational disruptions or financial demands were publicly confirmed in connection with Trinity Health’s incident at the time of reporting.