Orlando Health
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Orlando Health, a healthcare system based in Florida, has recently been affected by cybersecurity breaches involving two of its vendors, ESO Solutions and Nuance Communications. The first incident was a ransomware attack on ESO Solutions, a software company, which compromised some of Orlando Health’s data. ESO Solutions, after securing its network, initiated an investigation and notified its healthcare partners, including Orlando Health, about the breach’s impact on their data.
The second breach involved Nuance Communications, a healthcare artificial intelligence company owned by Microsoft. This breach resulted in the exposure of some patients’ protected health information (PHI). Both ESO Solutions and Nuance Communications have taken steps to notify all affected patients by mailing letters to inform them of the breach and the potential compromise of their PHI
In addition to these vendor-related breaches, Orlando Health has experienced other cybersecurity incidents in the past. For instance, in 2022, an unauthorized user accessed an Orlando Health employee’s email account, potentially compromising the information of 3,662 patients. The compromised information included demographic and clinical details, and in some cases, health insurance ID numbers and Social Security numbers. Orlando Health responded by securing the affected email account and reinforcing education with its staff while implementing additional security enhancements to its email environment.