By Will Feuer


HCA Healthcare, which operates about 180 hospitals and other health-care facilities, said some patient information, including names, emails and phone numbers, were leaked online.

The company said an unknown and unauthorized party made the information available on an online forum.

The information includes patients' names, cities, zip codes, emails, phone numbers, service date and more. However, payment information, clinical information and other sensitive information like social security numbers weren't affected.

Nashville-based HCA said the incident "appears to be a theft from an external storage location exclusively used to automate the formatting of email messages." The company said it has reported the incident to law enforcement and hired advisors to help investigate.

HCA said it has "not identified evidence of any malicious activity on HCA Healthcare networks or systems related to this incident." The company has disabled user access to the affected storage location as a containment measure and plans to contact affected patients.

The company said there hasn't been any disruption to services or operations, and that HCA doesn't believe the incident will affect financial results.


Write to Will Feuer at Will.Feuer@wsj.com


(END) Dow Jones Newswires

07-10-23 0858ET