Technology
5.5 million patients' information exposed by major healthcare data breach
Healthcare seems to be the favorite target of attackers this year. It’s been only four months, and we’ve already seen some of the biggest data breaches in the sector. Recently, news about the Blue Shield of California data breach came to light, leaking the personal data of 4.7 million people.
But if that wasn’t enough, Connecticut’s largest healthcare system, Yale New Haven Health, has now revealed that a data breach affected more than 5.5 million people.
The information leaked included patient names, dates of birth, postal and email addresses, phone numbers and more.
Join the FREE CyberGuy Report: Get my expert tech tips, critical security alerts, and exclusive deals — plus instant access to my free Ultimate Scam Survival Guide when you sign up!
Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)
What you need to know
According to a legally mandated disclosure with the U.S. Department of Health and Human Services, Yale New Haven Health experienced a cyberattack on March 8 that allowed malicious hackers to obtain copies of patients’ personally identifiable information as well as some healthcare-related data.
Yale New Haven Health is a nonprofit healthcare system based in New Haven, Connecticut. It includes five acute-care hospitals, a medical foundation, and a network of outpatient facilities and multispecialty centers across Connecticut, New York and Rhode Island.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
In a notice posted on its website, the healthcare system said the stolen data varied by individual but could include names, dates of birth, postal and email addresses, phone numbers, race and ethnicity information, Social Security numbers, types of patients and medical record numbers. Reportedly, the number of affected individuals may still change as investigations continue. Importantly, electronic medical record systems and treatment information were not accessed, and no financial account, payment or employee HR information was involved.
This is not the first time healthcare systems have been in the crosshairs of cybercriminals. In recent years, attacks on institutions like UnitedHealth and Ascension Health have led to months of operational disruption, massive financial costs and prolonged investigations.
Illustration of a doctor looking at data on a phone. (Kurt “CyberGuy” Knutsson)
DOUBLECLICKJACKING HACK TURNS DOUBLE-CLICKS INTO ACCOUNT TAKEOVER
What Yale New Haven Health is doing
Yale New Haven Health brought in cybersecurity firm Mandiant to assist with the investigation and said a rapid response helped contain the incident and prevent any disruption to patient care. The organization noted that it regularly updates and strengthens its systems to protect sensitive data and will continue those efforts. Notification letters began going out to affected individuals on April 14, and complimentary credit monitoring and identity theft protection services have been offered to those whose Social Security numbers were compromised.
The breach could have serious consequences for those impacted. The stolen data includes highly sensitive information that can be used for identity theft, financial fraud, phishing attacks or targeted scams. Healthcare data is especially valuable on the black market because it can be exploited for long periods without easy detection. Even if Social Security numbers or medical information aren’t misused right away, the long-term risk for affected individuals remains significant.
We reached out to Yale New Haven Health (YNHHS), and a health system spokesperson said in part:
“We take our responsibility to safeguard patient information incredibly seriously, and we regret any concern this incident may have caused. We are continuously updating and enhancing our systems to protect the data we maintain and to help prevent events such as this from occurring in the future. For more information on this incident, patients may visit YNHHS’ website at ynhhs.org or call our dedicated, toll-free call center at 1-855-549-2678, Monday through Friday, between 9:00 am and 9:00 pm Eastern Time, excluding major U.S. holidays.”
A healthcare employee working on a laptop. (Kurt “CyberGuy” Knutsson)
MALWARE EXPOSES 3.9 BILLION PASSWORDS IN HUGE CYBERSECURITY THREAT
5 ways you can stay safe from insurance data breach
If your information was part of the Yale New Haven Health breach or any similar one, it’s worth taking a few steps to protect yourself.
1. Consider identity theft protection services: Since the Yale New Haven Health data breach exposed personal and financial information, it’s crucial to stay proactive against identity theft. Identity theft protection services offer continuous monitoring of your credit reports, social security number, and even the dark web to detect if your information is being misused. These services send you real-time alerts about suspicious activity, such as new credit inquiries or attempts to open accounts in your name, helping you act quickly before serious damage occurs. Beyond monitoring, many identity theft protection companies provide dedicated recovery specialists who assist you in resolving fraud issues, disputing unauthorized charges and restoring your identity if it’s compromised. See my tips and best picks on how to protect yourself from identity theft.
2. Use personal data removal services: The Yale New Haven Health data breach leaks loads of information about you, and all this could end up in the public domain, which essentially gives anyone an opportunity to scam you.
One proactive step is to consider personal data removal services, which specialize in continuously monitoring and removing your information from various online databases and websites. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
3. Have strong antivirus software: Yale New Haven Health hackers have people’s email addresses and full names, which makes it easy for them to send you a phishing link that installs malware and steals all your data. These messages are socially engineered to catch them, and catching them is nearly impossible if you’re not careful. However, you’re not without defenses..
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices
4. Enable two-factor authentication: While passwords weren’t part of the data breach, you still need to enable two-factor authentication (2FA). It gives you an extra layer of security on all your important accounts, including email, banking and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data.
5. Be wary of mailbox communications: Bad actors may also try to scam you through snail mail. The data leak gives them access to your address. They may impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions and security alerts.
WINDOWS 10 SECURITY FLAWS LEAVE MILLIONS VULNERABLE
Kurt’s key takeaway
While Yale New Haven has been working with security experts to contain the breach and notify those affected, it is troubling that hackers were able to access the data of 5.5 million individuals before the organization detected the intrusion. The incident highlights a deeper issue, revealing gaps in the security infrastructure that many healthcare institutions are still not adequately addressing.
Do you think companies are investing enough in their cybersecurity infrastructure? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Rad Power Bikes, the once dominant electric bicycle brand in the US, filed for Chapter 11 bankruptcy protection this week as it seeks to sell of its company. The move comes less than a month after Rad Power said it could not afford to recall its older e-bike batteries that had been designated a fire risk by the US Consumer Protection Safety Commission.
The bankruptcy, which was first reported by Bicycle Retailer, was filed in US Bankruptcy Court for the Eastern District of Washington, near the company’s headquarters in Seattle. Rad Power lists its estimated assets at $32.1 million and estimated liabilities at $72.8 million. Its inventory of e-bikes, spare parts, and accessories is listged at $14.2 million, Bicycle Retailer says.
It’s a stunning reversal for the once leading e-bike company in the US. Mike Radenbaugh founded the company in 2015 after several years of selling custom-made e-bikes to customers on the West Coast. Rad Power quickly grew to over 11 distinct models, including the fat-tire RadRover, the long-tail RadWagon, and the versatile RadRunner. Rad Power Bikes raised an approximate total of $329 million across several funding rounds, primarily in 2021, with major investments from firms like Fidelity, Morgan Stanley, and T. Rowe Price.
But in the wake of the post-covid bike boom, things started to go south. There were supply chain disruptions, safety recalls, several rounds of layoffs, and executive turnover. Last month, Rad Power said it was facing “significant financial challenges” that could lead to its imminent closure without a cash infusion.
The CPSC warning apparently was the nail in the coffin. The company’s older batteries could “unexpectedly ignite and explode,” the agency warned, citing 31 fires, including 12 reports of property damage totaling $734,500. There weren’t any injuries, but the company said it couldn’t afford a costly recall.
Rad Power could still live on if its able to find a buyer for its assets and brand. Dutch e-bike make VanMoof was able to find a buyer following its 2023 bankruptcy. And Belgium’s Cowboy is in talks to be acquired by a French holding company of several bike brands. Rad Power will continue to operate as it restructures its debts under court supervision, and in a statement to Bicycle Retailer said it will continue to sell bikes and work with customers and vendors as it moves forward with the process.
NEWYou can now listen to Fox News articles!
Chrome on Android now offers a fresh way to digest information when your hands are busy or your eyes need a break.
A new update powered by Google Gemini can turn written webpages into short podcast-style summaries. Two virtual hosts chat about the content, making it feel easier to follow during your commute or while you multitask.
This upgrade builds on Chrome’s long-standing read-aloud tool, yet now adds a more natural and lively delivery. It does not work on every website, so some pages will still use the original word-for-word reading. When the AI option appears, though, the audio feels polished and smooth.
Below is how to try it on your Android phone right now.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
HOW TO DISABLE GEMINI AI ON ANDROID AND KEEP CONTROL OF YOUR APPS
Make sure you have the newest Chrome version so the AI podcast feature works. (Cyberguy.com)
Update Chrome before you start
First, make sure Chrome is current in the Play Store by opening the Play Store, searching for Google Chrome and tapping Update if it appears. The AI podcast feature works with version 140.0.7339.124 or newer, so confirm you have at least that version installed. Once you finish the update, open Chrome and pick any webpage with text you want to hear.
Settings may vary depending on your Android phone’s manufacturer.
Open the More menu
- Tap the More icon or the three vertical dots in the upper right corner. This reveals a set of options that control how Chrome displays or reads the page.
Select Listen to this page
- Choose Listen to this page. You will see a small Generating AI playback banner at the bottom. The processing is fast, so you will not wait long.
Hear the AI hosts discuss the page
- Chrome will start a mini podcast with two voices talking through the content. You can tap the playback bar to pause, rewind or jump ahead. The panel stays on screen and follows you as you scroll.
Switch to standard playback when you want
- The AI audio keeps going even if you leave the webpage. If you prefer a traditional word-for-word readback, tap the AI playback icon in the lower left and pick Standard Playback.
Chrome begins creating the AI audio as soon as you tap the “Listen to this Page” option. (iStock)
ANDROID EMERGENCY LIVE VIDEO GIVES 911 EYES ON THE SCENE
What this means to you
This feature can make long articles easier to absorb when you are on the move. You get a quick, conversational rundown without having to read a full page. It also helps you revisit information faster since the controls work like any audio player. If you enjoy podcasts, this tool gives you a familiar way to stay informed without draining your attention.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com.
Kurt’s key takeaways
Chrome’s AI podcast feature brings a new layer of convenience to Android. It saves time, reduces eye strain and turns everyday browsing into a hands-free audio experience. Since it still supports the standard read-aloud mode, you can switch back anytime.
Would you use AI hosts to read your favorite websites, or do you prefer the classic readback style? Let us know by writing to us at Cyberguy.com.
Using the new update powered by Google Gemini, you can change from the AI podcast to a simple word-for-word reading at any time. (“I’ve Had It” YouTube channel)
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
Wiles says she called Musk on the carpet. “You can’t just lock people out of their offices,” she recalls telling him. At first, Wiles didn’t grasp the effect that slashing USAID programs would have on humanitarian aid. “I didn’t know a lot about the extent of their grant making.” But with immunizations halted in Africa, lives would be lost. Soon she was getting frantic calls from relief agency heads and former government officials with a dire message: Thousands of lives were in the balance.
Wiles continued: “So Marco is on his way to Panama. We call him and say, ‘You’re Senate-confirmed. You’re going to have to be the custodian, essentially, of [USAID].’ ‘Okay,’ he says.” But Musk forged ahead—all throttle, no brake. “Elon’s attitude is you have to get it done fast. If you’re an incrementalist, you just won’t get your rocket to the moon,” Wiles said. “And so with that attitude, you’re going to break some china. But no rational person could think the USAID process was a good one. Nobody.”
Real-Time Updates: Severe weather slams Western Montana Wednesday, Dec. 17
Newly reelected Nebraska Farmers Union president says current farm policy is ‘not working’
Nevada reaches settlement with Hyundai and Kia over anti-theft technology
Police investigate Walpole shooting incident
Garden State Equality director resigns amid child endangerment, assault charges
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Video: ‘It Didn’t Have to Happen This Way:’ U.Va. Faculty Call for Review of Police Response to Protests
Video: Man on Roof Faces Off with ICE Agents for Hours in Minnesota
Maryland to study slavery reparations after lawmakers override Dem governor’s veto
Louvre reopens partially after workers extend strike in aftermath of heist
Trump’s BBC lawsuit: A botched report, BritBox, and porn
Video: Prosecutors Charge Nick Reiner With Murdering His Parents
-
Iowa2 days agoAddy Brown motivated to step up in Audi Crooks’ absence vs. UNI
-
Washington1 week agoLIVE UPDATES: Mudslide, road closures across Western Washington
-
Iowa1 week agoMatt Campbell reportedly bringing longtime Iowa State staffer to Penn State as 1st hire
-
Iowa4 days agoHow much snow did Iowa get? See Iowa’s latest snowfall totals
-
Cleveland, OH1 week agoMan shot, killed at downtown Cleveland nightclub: EMS
-
Maine24 hours agoElementary-aged student killed in school bus crash in southern Maine
-
World1 week ago
Chiefs’ offensive line woes deepen as Wanya Morris exits with knee injury against Texans
-
Maryland2 days agoFrigid temperatures to start the week in Maryland
