Cancer clinic warns 2.2 million patients of data breach

Cancer treatment provider 21st Century Oncology Holdings has warned 2.2 million patients and employees that their sensitive data may have been stolen in a cyberattack.

The breach was revealed on March 4, but the Florida-based cancer clinic chain was informed of the cyberattack and information theft on November 13, 2015, by the FBI. The US law enforcement agency knew about the attack but asked 21st Century Oncology to keep quiet until an investigation into the incident was complete.

The cyberattackers accessed a key database in early October. Although no details concerning how the cybercriminal managed to compromise the company's network, they were able to access and steal data including patients' names, Social Security numbers, physicians' names, diagnosis and treatment information, as well as insurance records.