Boston University's heart study hit by cyberattack, data breach
Learn More
A cyberattack has breached Boston University's Framingham Heart Study (FHS), the nation's longest-running multigenerational heart study, affecting data from all 15,448 participants.
The incident occurred on September 8, 2024 and was detected and partially contained by BU and FHS information technology specialists. The attackers managed to copy and transfer some files before being stopped.
Boston University is collaborating with multiple federal agencies including the National Institutes of Health, the Department of Health and Human Services, and law enforcement. They have also hired external forensic experts to investigate the incident and implement additional security measures.
The compromised data includes both living and deceased participants' information:
- names,
- addresses,
- dates of birth,
- telephone numbers,
- email addresses,
- sex,
- race,
- ethnicity,
- income and occupational categories,
- signatures,
- medical information.
The nature of the attack is not disclosed.
The University claims that Social Security numbers were exposed for a small portion of the participants, affecting less than 2% of living study members. The breach is particularly significant given the historical importance of the study, which has been running for 75 years and spans three generations of participants plus two minority cohorts.
The university has notified all study participants and is providing free credit monitoring services to those whose Social Security numbers were compromised.
