Cyber Incident Victim: Sentara Healthcare
Date: Nov 2016
Location: United States of America
Summary
A cybersecurity breach at a third-party vendor compromised records of over 5,400 vascular and thoracic patients treated at Sentara Healthcare facilities, exposing names, medical record numbers, dates of birth, Social Security numbers, procedure details, demographic information, and medications. The organization collaborated with law enforcement and its information security team to investigate the incident involving unauthorized access to patient data, though the exact nature—whether external attack or insider misconduct—remained unclear. Notification letters were mailed to affected individuals, accompanied by a dedicated call center for inquiries, while authorities continued their investigation into the vendor's security failure. The breach exclusively impacted specific patients from a limited treatment period and specialty care areas.
Description
On November 17, 2016, Sentara Healthcare, in coordination with law enforcement, identified a cybersecurity incident involving one of its third-party vendors. The breach compromised records of 5,454 vascular and thoracic surgery patients treated at Sentara hospitals in Virginia between 2012 and 2015. Exposed information included patient names, medical record numbers, dates of birth, Social Security numbers, procedure details, demographic data, and medication information. Sentara's Information Security team, the unnamed vendor, and law enforcement jointly investigated the incident, and the investigation remained active at the time of public disclosure. The organization confirmed the breach did not impact all Sentara Healthcare patients, only those receiving specific surgical care during the three-year window. No technical details regarding attack vectors, system compromises, or intrusion methods were disclosed publicly.

Sentara initiated patient notifications on January 13, 2017, mailing letters to affected individuals and establishing a dedicated call center operational Monday through Friday. Patients who suspected they were affected but had not received a letter were instructed to contact Sentara by January 29, 2017. The healthcare provider advised vigilance against identity theft through monitoring financial accounts and reviewing credit reports, though no evidence of data misuse was confirmed. Law enforcement involvement continued during the notification phase, restricting Sentara's ability to disclose specifics about the breach's origin or whether it resulted from external attacks or insider actions. The incident highlighted risks associated with third-party vendor relationships in healthcare data management, though no operational disruptions or additional impacted services were reported.
