AvosLocker, a ransomware threat group, has reportedly gained access to personal and medical information of CHRISTUS Health patients. Reports indicate that AvosLocker has posted some personal and highly sensitive information, including names of patients with positive COVID-19 tests results, personnel data, and patient admissions and operating room records. CHRISTUS Health operates 600 facilities across four U.S. states, Mexico, Columbia, and Chile.
A July 27, 2021 data breach may have exposed personal and protected information of approximately 318,000 patients. The healthcare facility announced that names, addresses, health insurance information, medical record numbers, birth dates, patient account numbers, claim information, treatment information, and hospital or medical group information were involved in the breach, as well as some social security numbers and driver’s license numbers. SuperCare Health began notifying patients of the breach on March 25, 2022.