Georgia hospital hit by ransomware, affects 2,500 patients

GEORGIA, UNITED STATES — Wayne Memorial Hospital in Jesup, Georgia, confirmed it was the target of a ransomware attack on June 3, 2024. 

According to a notice published by the hospital, the cybercriminal infiltrated their network, encrypting data and leaving a ransom note. In response, Wayne Memorial swiftly disconnected its network and took certain IT systems offline to restore operations from data backups.

Investigation and enhanced security measures

Following the breach, Wayne Memorial Hospital engaged cybersecurity experts and legal counsel to conduct a forensic investigation. The investigation revealed that the unauthorized actor had access to a limited number of systems between May 30 and June 3, 2024. 

Although the hacker claimed to have copied certain files, the hospital is still determining whether any personal information was compromised.

Chief Financial Officer Greg Jones emphasized the hospital’s rapid response to the incident. “Since the discovery of the incident, WMH moved quickly to secure our systems,” he stated. The hospital has implemented new intrusion detection and response tools, reset all passwords, and enhanced network security to prevent future breaches.

Impact on patients and data security

On August 2, Wayne Memorial reported to the Department of Health and Human Services that approximately 2,500 individuals were affected by the breach. 

The hospital is conducting a thorough review of the accessed files to ascertain if any personal information was involved. If personal data is found to be compromised, Wayne Memorial plans to notify the affected individuals in compliance with applicable laws.

Free credit monitoring and identity protection offered

Wayne Memorial Hospital has not discovered any evidence suggesting the misuse of personal information for identity theft or fraud. 

Based on the information available to us at this time, it appears that the unauthorized actor’s primary motivation was to extort a ransom payment from WMH,” Jones added. 

For those potentially affected, Wayne Memorial will offer free credit monitoring and identity theft protection services. 

The hospital also advises individuals to remain vigilant against identity theft by reviewing account statements and monitoring credit reports for any suspicious activity. Instructions on further protective measures will be provided to those impacted.

Healthcare sector faces cybersecurity threats

The ransomware attack on Wayne Memorial Hospital highlights the ongoing threat of cybercrime in the healthcare sector. The hospital’s proactive measures and commitment to transparency aim to reassure patients and safeguard their information against future incidents. 

This incident underscores the importance of strong cybersecurity measures in protecting sensitive health data from malicious actors.