Orlando Health

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Orlando Health, a healthcare system based in Florida, has recently been affected by cybersecurity breaches involving two of its vendors, ESO Solutions and Nuance Communications. The first incident was a ransomware attack on ESO Solutions, a software company, which compromised some of Orlando Health’s data. ESO Solutions, after securing its network, initiated an investigation and notified its healthcare partners, including Orlando Health, about the breach’s impact on their data.

The second breach involved Nuance Communications, a healthcare artificial intelligence company owned by Microsoft. This breach resulted in the exposure of some patients’ protected health information (PHI). Both ESO Solutions and Nuance Communications have taken steps to notify all affected patients by mailing letters to inform them of the breach and the potential compromise of their PHI

In addition to these vendor-related breaches, Orlando Health has experienced other cybersecurity incidents in the past. For instance, in 2022, an unauthorized user accessed an Orlando Health employee’s email account, potentially compromising the information of 3,662 patients. The compromised information included demographic and clinical details, and in some cases, health insurance ID numbers and Social Security numbers. Orlando Health responded by securing the affected email account and reinforcing education with its staff while implementing additional security enhancements to its email environment.

Breach Submission Date Nov 18, 2022
Converted Entity Name Orlando Health
Converted Entity Type Healthcare Provider
State FL
Individuals Affected 3,662
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes