
Since 1875, the Hospital Sisters of St. Francis have been caring for patients in Illinois, Wisconsin and other locations in the United States and across the world. Today, Hospital Sisters Health System (HSHS) is a multi-institutional health care system that cares for patients in 14 communities in Illinois and Wisconsin. With 15 hospitals, scores of community-based health centers and clinics, nearly 2,300 physician partners, and more than 14,600 colleagues, HSHS is committed to its mission “to reveal and embody Christ’s healing love for all people through our high quality Franciscan health care ministry.” HSHS continues to advance its mission through its care integration strategy by working closely with physician partners in Illinois and Wisconsin to deliver high quality, patient-centered care. Together, we strive to ensure each patient who enters our system has seamless access to health and wellness programs, primary and specialty care, and acute and post-acute care. Through their commitment to our care integration strategy, HSHS physician partners coordinate closely with our hospital and clinic colleagues to provide our patients with holistic care that meets their individual needs. By leveraging the latest technology, emphasizing the importance of relationships, and living its values, HSHS is making a positive difference in the lives of the patients and families it is privileged to serve.

Hospital Sisters Health System A.I CyberSecurity Scoring

HSHS

Company Details

LinkedIn ID: hospital-sisters-health-system

Employees number: 11,388

Number of followers: 11,422

NAICS: 62

Industry Type: Hospitals and Health Care

Homepage: hshs.org

IP Addresses: 0

Company ID: HOS_3267569

Scan Status: In-progress

HSHS Risk Score (AI oriented)

Between 700 and 749

  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score to calculate premiums
HSHS Global Score (TPRM)

XXXX

  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

HSHS Company CyberSecurity News & History

Past Incidents
2
Attack Types
1
Hospital Sisters Health System (HSHS)
Cyber Attack
Severity: 100
Impact: 5
Seen: 8/2023
Rankiteo Explanation
Attack threatening the organization's existence

Description: In August 2023, **Hospital Sisters Health System (HSHS)**, a Midwest-based network of 13 Catholic hospitals, suffered a **targeted cyberattack** compromising the **personally identifiable information (PII) and protected health information (PHI) of 882,782 individuals**. The breach exposed data including **names, addresses, dates of birth, medical record numbers, treatment details, health insurance info, Social Security numbers, and driver’s license numbers** after threat actors gained unauthorized access to HSHS’s network between **August 16–27, 2023**. HSHS agreed to a **$7.6 million settlement**, offering affected individuals up to **$5,000 per valid claim** for out-of-pocket losses, alongside **24 months of free credit/identity monitoring**. The incident led to **class-action litigation** alleging negligence, breach of contract, and unjust enrichment, though HSHS denied liability. The breach underscored systemic vulnerabilities in healthcare cybersecurity, prompting HSHS to commit to **enhanced data security measures**, though specifics were undisclosed. The financial and reputational fallout, combined with regulatory scrutiny, highlights the severe consequences of healthcare data breaches.

Hospital Sisters Health System (HSHS)
Cyber Attack
Severity: 100
Impact: 5
Seen: 8/2023
Rankiteo Explanation
Attack threatening the organization’s existence

Description: In August 2023, Hospital Sisters Health System (HSHS) suffered a **targeted cyberattack** that compromised the **personally identifiable information (PII) and protected health information (PHI)** of patients. The breach exposed sensitive data, leading to potential identity theft, fraud, and financial losses for affected individuals. HSHS agreed to a **$7.6 million class-action settlement**, offering victims up to **$5,000 in reimbursement** for documented losses (e.g., credit monitoring, ID replacement, fraud-related expenses) or a **pro rata cash payment**. Additionally, all class members were eligible for **two years of credit monitoring and $1 million in fraud insurance**. The incident stemmed from HSHS’s alleged failure to adequately secure its systems, though the organization denied wrongdoing. The settlement covers administrative costs, legal fees, and direct payouts to victims, with claims processed until **November 14, 2025**.


Underwriter Stats for HSHS

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for Hospital Sisters Health System in 2025.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Hospital Sisters Health System in 2025.

Incident Types HSHS vs Hospitals and Health Care Industry Avg (This Year)

No incidents recorded for Hospital Sisters Health System in 2025.

Incident History — HSHS (X = Date, Y = Severity)

HSHS cyber incidents detection timeline including parent company and subsidiaries

HSHS Company Subsidiaries


HSHS Similar Companies

GeBBS Healthcare Solutions

GeBBS Healthcare Solutions is a KLAS rated leading provider of Revenue Cycle Management (RCM) services and Risk Adjustment solutions. GeBBS’ innovative technology, combined with over 14,000-strong global workforce, helps clients improve financial performance, adhere to compliance, and enhance the pa

Erasmus MC

We are Erasmus MC. Our roots lie in Rotterdam, a city and port of international standing. We are the most innovative university medical center in the Netherlands and one of the world’s leading centers of scientific research. We are committed to achieving a healthy population and pursuing excellence

Northwell Health

Northwell Health is New York State’s largest health care provider and private employer, with 21 hospitals, about 900 outpatient facilities and more than 12,000 affiliated physicians. We care for over two million people annually in the New York metro area and beyond, thanks to philanthropic support

Queensland Health

Queensland Health is the state's largest healthcare provider. We are committed to ensuring all Queenslanders have access to a range of public healthcare services aimed at achieving good health and well-being. Through a network of 16 Hospital and Health Services, as well as the Mater Hospitals, Quee

Vanderbilt University Medical Center

From specializing in transplants and pediatric cancer to solving undiagnosed diseases, we know solving the most complex problems prepares us to solve any problem. We are committed to excellence in patient care, research, and medical education and training. We thrive on challenges, embrace collaborat

Lehigh Valley Health Network

Lehigh Valley Health Network (LVHN) is proudly part of Jefferson Health, forming a leading integrated academic health care delivery system. With 65,000 colleagues, 32 hospitals and over 700 sites of care across the Lehigh Valley, northeastern Pennsylvania, Delaware Valley and southern New Jersey. L

Ascension

Answering God's call to bring health, healing and hope to all. Ascension is one of the nation’s leading non-profit and Catholic health systems, with a Mission of delivering compassionate, personalized care to all, with special attention to those most vulnerable. In FY2025, Ascension provided $1.7

Kaiser Permanente

At the heart of health care, you’ll find Kaiser Permanente. As the nation’s leading not-for-profit, integrated health plan, we make a difference in the lives of members, patients, and communities across the country. With 39 hospitals and more than 734 locations in eight states and the District of

Johnson & Johnson MedTech

At Johnson & Johnson MedTech, we are working to solve the world’s most pressing healthcare challenges through innovations at the intersection of biology and technology. With deep expertise in surgery, orthopaedics, cardiovascular, and vision, we design healthcare solutions that are smarter, less inv


HSHS CyberSecurity News

November 15, 2025 10:03 AM
Hospital Sisters Health System appoints new leader for marketing and communications

Charmaine Weis has been named System Vice President, Marketing and Communications for Hospital Sisters Health System. Weis joined HSHS in...

October 03, 2025 07:00 AM
$7.6M Hospital Sisters Health System HSHS data breach Settlement

Hospital Sisters Health System (HSHS) has agreed to a $7.6 million class action lawsuit settlement to resolve claims that it failed to...

October 03, 2025 07:00 AM
WhatsApp worm spreads.

A fast-spreading malware campaign is abusing WhatsApp as both lure and launchpad. Carmaker Renault suffers a data breach.

October 02, 2025 07:00 AM
Hospital Chain to Pay $7.6M to Settle Breach Litigation

A network of 13 Catholic hospitals, community health centers and clinics in the Midwest will pay $7.6 million and implement improvements to...

May 16, 2025 07:00 AM
Hospital Sisters Health System Must Face Genetic-Privacy Lawsuit

Illinois-based Hospital Sisters Health System must face a proposed class action alleging it required job applicants to disclose their family...

March 24, 2025 07:00 AM
FBI, healthcare agencies warn of credible threat against hospitals, after multi-city social media terror plot alert

Hospitals and healthcare networks across America are under threat. From ransomware and insider sabotage to shootings and credible terror alerts.

February 11, 2025 08:00 AM
HSHS notifies nearly 900K patients about a 2023 data breach

Hospital Sisters Health System (HSHS) rolled out notification letters to 882,000 patients about a 2023 cyberattack that resulted in a data...

February 10, 2025 08:00 AM
Over 882K impacted by Hospital Sisters Health System breach

Attackers who breached HSHS' systems from Aug. 16 to Aug. 27, 2023, were able to exfiltrate varying types of data from individuals,...

February 07, 2025 08:00 AM
Hospital Sisters Health System: August 2023 Data Breach Affected 883K Individuals

Hospital Sisters Health System (HSHS) in Springfield, IL, and Prevea Health in Green Bay, WI, were affected by a cyberattack in late August which caused an...


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

HSHS CyberSecurity History Information

Official Website of Hospital Sisters Health System

The official website of Hospital Sisters Health System is https://www.hshs.org/.

Hospital Sisters Health System’s AI-Generated Cybersecurity Score

According to Rankiteo, Hospital Sisters Health System’s AI-generated cybersecurity score is 743, reflecting their Moderate security posture.

How many security badges does Hospital Sisters Health System have ?

According to Rankiteo, Hospital Sisters Health System currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does Hospital Sisters Health System have SOC 2 Type 1 certification ?

According to Rankiteo, Hospital Sisters Health System is not certified under SOC 2 Type 1.

Does Hospital Sisters Health System have SOC 2 Type 2 certification ?

According to Rankiteo, Hospital Sisters Health System does not hold a SOC 2 Type 2 certification.

Does Hospital Sisters Health System comply with GDPR ?

According to Rankiteo, Hospital Sisters Health System is not listed as GDPR compliant.

Does Hospital Sisters Health System have PCI DSS certification ?

According to Rankiteo, Hospital Sisters Health System does not currently maintain PCI DSS compliance.

Does Hospital Sisters Health System comply with HIPAA ?

According to Rankiteo, Hospital Sisters Health System is not compliant with HIPAA regulations.

Does Hospital Sisters Health System have ISO 27001 certification ?

According to Rankiteo, Hospital Sisters Health System is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Hospital Sisters Health System

Hospital Sisters Health System operates primarily in the Hospitals and Health Care industry.

Number of Employees at Hospital Sisters Health System

Hospital Sisters Health System employs approximately 11,388 people worldwide.

Subsidiaries Owned by Hospital Sisters Health System

Hospital Sisters Health System presently has no subsidiaries across any sectors.

Hospital Sisters Health System’s LinkedIn Followers

Hospital Sisters Health System’s official LinkedIn profile has approximately 11,422 followers.

NAICS Classification of Hospital Sisters Health System

Hospital Sisters Health System is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.

Hospital Sisters Health System’s Presence on Crunchbase

No, Hospital Sisters Health System does not have a profile on Crunchbase.

Hospital Sisters Health System’s Presence on LinkedIn

Yes, Hospital Sisters Health System maintains an official LinkedIn profile, actively used for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/hospital-sisters-health-system.

Cybersecurity Incidents Involving Hospital Sisters Health System

As of November 27, 2025, Rankiteo reports that Hospital Sisters Health System has experienced 2 cybersecurity incidents.

Number of Peer and Competitor Companies

Hospital Sisters Health System has an estimated 29,976 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Hospital Sisters Health System ?

Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.

What was the total financial impact of these incidents on Hospital Sisters Health System ?

Total Financial Loss: The total financial loss from these incidents is estimated to be $7.60 million.

How does Hospital Sisters Health System detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through a communication strategy (notices sent to affected individuals via postcard/email with unique ID/PIN for claims; settlement administrator established for claims processing); third-party assistance (forensic investigators, legal counsel); containment measures (network access revoked, immediate remediation); remediation measures (enhanced data security policies, unspecified); a further communication strategy (breach notices to affected individuals, September 2024; public statement via Information Security Media Group; settlement notices by mail, November 2024 claim deadline); and enhanced monitoring (24-month credit/identity monitoring for victims).

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: Hospital Sisters Health System Data Breach (August 2023)

Description: A targeted cyberattack on Hospital Sisters Health System (HSHS) in August 2023 compromised personally identifiable information (PII) and personal health information (PHI) of consumers. The breach led to a $7.6 million class action settlement, offering affected individuals up to $5,000 in reimbursement for documented losses or a pro rata cash payment, along with two years of credit monitoring services.

Date Detected: 2023-08-16

Type: Data Breach

Incident : Data Breach

Title: Hospital Sisters Health System 2023 Data Breach Settlement

Description: Hospital Sisters Health System (HSHS), a network of 13 Catholic hospitals, agreed to pay $7.6 million and improve data security practices to settle class action litigation stemming from a 2023 cyberattack that compromised the personally identifiable information (PII) and protected health information (PHI) of nearly 900,000 individuals. The breach occurred between August 16–27, 2023, when an unauthorized third party accessed HSHS's network. Affected data included names, addresses, dates of birth, medical record numbers, treatment details, health insurance info, Social Security numbers, and driver’s license numbers. HSHS denied wrongdoing but committed to remedial security measures and offered credit monitoring to victims.

Date Detected: 2023-08-27

Type: Data Breach

Attack Vector: Network Intrusion (Unauthorized Access)

Threat Actor: Unidentified (Third-Party Hacker)

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Cyber Attack.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach HOS5292352092625

Data Compromised: Personally identifiable information (PII), Personal health information (PHI)

Systems Affected: Network systems

Brand Reputation Impact: Class action lawsuit and settlement indicate reputational damage

Legal Liabilities: $7.6 million settlement fund (including attorneys' fees, administration costs, and class member payments)

Identity Theft Risk: Documented cases of identity theft or fraud reported by affected individuals

Incident : Data Breach HOS3502435100325

Financial Loss: $7.6 million (settlement cost)

Data Compromised: Types: Names, Addresses, Dates of Birth, Medical Record Numbers, Treatment Information, Health Insurance Details, Social Security Numbers, Driver’s License Numbers; Total Records: 882782

Systems Affected: Network Files, Patient Databases

Customer Complaints: Class Action Lawsuits, Robocall Complaints (unrelated)

Brand Reputation Impact: Significant (class action litigation, public settlement)

Legal Liabilities: Class Action Settlement ($7.6M), Ongoing Litigation (Illinois Genetic Information Privacy Act, Robocalls), Attorneys' Fees (~$2.6M, 35% of settlement)

Identity Theft Risk: High (PII/PHI exposed)

What is the average financial loss per incident ?

Average Financial Loss: The average financial loss per incident is $3.80 million.

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (PII), Personal Health Information (PHI), and Protected Health Information (PHI).

Which entities were affected by each incident ?

Incident : Data Breach HOS5292352092625

Entity Name: Hospital Sisters Health System (HSHS)

Entity Type: Healthcare System

Industry: Healthcare

Customers Affected: All individuals whose PII/PHI was compromised between August 16–27, 2023 (exact number not specified)

Incident : Data Breach HOS3502435100325

Entity Name: Hospital Sisters Health System (HSHS)

Entity Type: Hospital Network, Healthcare Provider

Industry: Healthcare

Location: Springfield, Illinois; Midwest (13 hospitals/community health centers)

Customers Affected: 882782

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach HOS5292352092625

Communication Strategy: Notices sent to affected individuals via postcard/email with unique ID/PIN for claims. Settlement administrator established for claims processing.

Incident : Data Breach HOS3502435100325

Incident Response Plan Activated: True

Third Party Assistance: Forensic Investigators, Legal Counsel.

Containment Measures: Network Access Revoked, Immediate Remediation

Remediation Measures: Enhanced Data Security Policies (unspecified)

Communication Strategy: Breach Notices to Affected Individuals (September 2024); Public Statement (via Information Security Media Group); Settlement Notices (mail, November 2024 claim deadline)

Enhanced Monitoring: 24-Month Credit/Identity Monitoring for Victims

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through Forensic Investigators and Legal Counsel.

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach HOS5292352092625

Type of Data Compromised: Personally identifiable information (PII), Personal health information (PHI)

Sensitivity of Data: High (includes health and identity-related data)

Data Exfiltration: Likely (data was compromised and sold/used for fraud)

Personally Identifiable Information: Names, Credit/financial data, Health records, IDs (e.g., driver’s licenses, Social Security numbers)

Incident : Data Breach HOS3502435100325

Type of Data Compromised: Personally identifiable information (PII), Protected health information (PHI)

Number of Records Exposed: 882782

Sensitivity of Data: High (Medical, Financial, Identifiable)

File Types Exposed: Patient Records, Administrative Files

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Enhanced Data Security Policies (unspecified).

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through network access revocation and immediate remediation.

Ransomware Information

Was ransomware involved in any of the incidents ?

Incident : Data Breach HOS3502435100325

Data Exfiltration: True

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Data Breach HOS5292352092625

Legal Actions: Class action lawsuit settled for $7.6 million

Incident : Data Breach HOS3502435100325

Legal Actions: Class Action Settlement (Chancery Court of Sangamon County, IL), Ongoing Litigation (Illinois Genetic Information Privacy Act, Robocalls)

Regulatory Notifications: Law Enforcement Notified

How does the company ensure compliance with regulatory requirements ?

Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class action lawsuit settled for $7.6 million, Class Action Settlement (Chancery Court of Sangamon County, IL), Ongoing Litigation (Illinois Genetic Information Privacy Act, Robocalls).

Lessons Learned and Recommendations

What lessons were learned from each incident ?

Incident : Data Breach HOS3502435100325

Lessons Learned: Healthcare industry must tighten cybersecurity standards to avoid costly litigation. Quick settlements with minimal payouts to victims are a common defendant strategy. Proactive security improvements (even if unspecified) can mitigate future risks.

What recommendations were made to prevent future incidents ?

Incident : Data Breach HOS3502435100325

Recommendations: Implement multi-layered security controls (e.g., encryption, access monitoring). Conduct regular third-party audits of data security practices. Enhance incident response transparency to rebuild trust.

What are the key lessons learned from past incidents ?

Key Lessons Learned: The key lessons learned from past incidents are: Healthcare industry must tighten cybersecurity standards to avoid costly litigation. Quick settlements with minimal payouts to victims are a common defendant strategy. Proactive security improvements (even if unspecified) can mitigate future risks.

References

Where can I find more information about each incident ?

Incident : Data Breach HOS5292352092625

Source: Class Action Settlement Notice

Incident : Data Breach HOS5292352092625

Source: Settlement Administrator Contact

Incident : Data Breach HOS3502435100325

Source: Information Security Media Group (ISMG)

Date Accessed: 2024-10-02

Incident : Data Breach HOS3502435100325

Source: Chancery Court of Sangamon County, Illinois (Settlement Hearing)

Incident : Data Breach HOS3502435100325

Source: Hales Law Group (Legal Analysis)

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at the following sources: Class Action Settlement Notice; Settlement Administrator Contact; Information Security Media Group (ISMG) (Date Accessed: 2024-10-02); Chancery Court of Sangamon County, Illinois (Settlement Hearing); and Hales Law Group (Legal Analysis).

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Data Breach HOS5292352092625

Investigation Status: Settled (class action lawsuit resolved; no admission of wrongdoing by HSHS)

Incident : Data Breach HOS3502435100325

Investigation Status: Closed (Settlement Reached)

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through notices sent to affected individuals via postcard/email with unique ID/PIN for claims, a settlement administrator established for claims processing, breach notices to affected individuals (September 2024), a public statement (via Information Security Media Group), and settlement notices (mail, November 2024 claim deadline).

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Data Breach HOS5292352092625

Stakeholder Advisories: Notices sent to affected individuals with claim instructions (ID/PIN provided). Settlement administrator available via email ([email protected]) and phone (844-496-1105).

Customer Advisories: Claim deadline: November 14, 2025. Options include documented loss reimbursement (up to $5,000), pro rata cash payment, or two years of credit monitoring. Payouts via PayPal, Venmo, Zelle, or paper check.

Incident : Data Breach HOS3502435100325

Stakeholder Advisories: Settlement notices mailed to class members (September 2024). Final hearing scheduled for December 4, 2024.

Customer Advisories: Eligible victims can claim up to $5,000 for out-of-pocket losses (deadline: November 14, 2024). 24 months of free credit/identity monitoring offered.

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Notices sent to affected individuals with claim instructions (ID/PIN provided). Settlement administrator available via email ([email protected]) and phone (844-496-1105). Claim deadline: November 14, 2025. Options include documented loss reimbursement (up to $5,000), pro rata cash payment, or two years of credit monitoring. Payouts via PayPal, Venmo, Zelle, or paper check. Settlement notices mailed to class members (September 2024). Final hearing scheduled for December 4, 2024. Eligible victims can claim up to $5,000 for out-of-pocket losses (deadline: November 14, 2024). 24 months of free credit/identity monitoring offered.

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach HOS5292352092625

High Value Targets: PII, PHI

Data Sold on Dark Web: PII, PHI

Incident : Data Breach HOS3502435100325

High Value Targets: Patient Databases, PII/PHI Records

Data Sold on Dark Web: Patient Databases, PII/PHI Records

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Breach HOS5292352092625

Root Causes: Alleged failure to adequately protect sensitive information (per lawsuit)

Incident : Data Breach HOS3502435100325

Root Causes: Unspecified Network Vulnerabilities, Inadequate Access Controls

Corrective Actions: Remedial Security Measures (Unspecified), Settlement-Mandated Improvements

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Forensic Investigators, Legal Counsel, 24-Month Credit/Identity Monitoring For Victims.

What corrective actions has the company taken based on post-incident analysis ?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Remedial Security Measures (Unspecified), Settlement-Mandated Improvements.

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking group in the last incident was Unidentified (Third-Party Hacker).

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2023-08-16.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Personally Identifiable Information (PII) and Personal Health Information (PHI). Types: Names, Addresses, Dates of Birth, Medical Record Numbers, Treatment Information, Health Insurance Details, Social Security Numbers, Driver’s License Numbers. Total Records: 882782.

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant systems affected in an incident were Network systems, Network Files, Patient Databases.

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was forensic investigators, legal counsel.

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Network Access Revoked, Immediate Remediation.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal Health Information (PHI) and Personally Identifiable Information (PII).

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.7K.

Regulatory Compliance

What was the most significant legal action taken for a regulatory violation ?

Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class action lawsuit settled for $7.6 million, Class Action Settlement (Chancery Court of Sangamon County, IL), Ongoing Litigation (Illinois Genetic Information Privacy Act, Robocalls).

Lessons Learned and Recommendations

What was the most significant lesson learned from past incidents ?

Most Significant Lesson Learned: The most significant lesson learned from past incidents was Proactive security improvements (even if unspecified) can mitigate future risks.

What was the most significant recommendation implemented to improve cybersecurity ?

Most Significant Recommendation Implemented: The most significant recommendations implemented to improve cybersecurity were: Conduct regular third-party audits of data security practices; Implement multi-layered security controls (e.g., encryption, access monitoring); Enhance incident response transparency to rebuild trust.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent sources of information about an incident are Information Security Media Group (ISMG), Class Action Settlement Notice, Settlement Administrator Contact, Hales Law Group (Legal Analysis), and Chancery Court of Sangamon County, Illinois (Settlement Hearing).

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Settled (class action lawsuit resolved; no admission of wrongdoing by HSHS).

Stakeholder and Customer Advisories

What was the most recent stakeholder advisory issued ?

Most Recent Stakeholder Advisory: The most recent stakeholder advisories issued were: Notices sent to affected individuals with claim instructions (ID/PIN provided); Settlement administrator available via email ([email protected]) and phone (844-496-1105); Settlement notices mailed to class members (September 2024); Final hearing scheduled for December 4, 2024.

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisories issued were: Claim deadline: November 14, 2025; Options include documented loss reimbursement (up to $5,000), pro rata cash payment, or two years of credit monitoring; Payouts via PayPal, Venmo, Zelle, or paper check; Eligible victims can claim up to $5,000 for out-of-pocket losses (deadline: November 14, 2024); 24 months of free credit/identity monitoring offered.

Post-Incident Analysis

What was the most significant root cause identified in post-incident analysis ?

Most Significant Root Cause: The most significant root causes identified in post-incident analysis were Alleged failure to adequately protect sensitive information (per lawsuit), Unspecified Network Vulnerabilities, Inadequate Access Controls.

What was the most significant corrective action taken based on post-incident analysis ?

Most Significant Corrective Action: The most significant corrective actions taken based on post-incident analysis were Remedial Security Measures (unspecified), Settlement-Mandated Improvements.

Latest Global CVEs (Not Company-Specific)

Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is an XSRF token leakage via protocol-relative URLs in Angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL is protocol-relative (starts with //), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.

Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.

Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.

Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=hospital-sisters-health-system' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.