Georgia group hospital Wayne Memorial Hospital (WMH) is notifying over 160,000 people that their private info was stolen in a Could 2024 knowledge breach.
The incident, the hospital notes within the notification letter to the impacted people, a replica of which was submitted to the Lawyer Normal’s Places of work in a number of states, was recognized on June 3, 2024, and concerned ransomware.
The hackers had entry to the healthcare group’s community between Could 30 and June 3, 2024, encrypted knowledge on hospital techniques, and left a ransom be aware.
“Upon discovery of this occasion, WMH instantly disconnected entry to its community and took sure techniques offline whereas it labored to securely and securely restore its community from backups,” the hospital says.
Through the assault, the hospital says, the hackers accessed info comparable to names, dates of start, Social Safety numbers, driver’s license numbers, state ID numbers, person credentials, bank card numbers, medical insurance info, analysis and remedy info, medical historical past, lab outcomes, and prescription particulars.
WMH instructed the Maine AGO that 163,440 folks had been affected by the information breach. Whereas the compromised info varies by particular person, the hospital is offering these affected with 12 months of free credit score monitoring and id theft safety companies.
The hospital says it engaged authorized counsel and cybersecurity professionals to safe its community and examine the assault. It additionally carried out network-wide password resets, and carried out extra detection and response capabilities.
“WMH doesn’t have any proof that the unauthorized actor misused anybody’s private info for id theft or fraud in reference to this occasion,” the hospital stated, noting that the hackers had been making an attempt to extort WMH.Commercial. Scroll to proceed studying.
The healthcare group didn’t identify the risk actor chargeable for the assault. In June 2024 the Monti ransomware group added Wayne Memorial Hospital to its Tor-based leak web site, albeit noting it was the Honesdale, Pennsylvania-based hospital.
Lively since at the very least 2022, Monti is understood for exploiting software program vulnerabilities for preliminary entry. Thus far, Monti has claimed 16 confirmed assaults, Comparitech says. Nonetheless, the ransomware group seems to have been inactive since Could 2025.
Associated: Plex Urges Password Resets Following Knowledge Breach
Associated: Menace Actor Linked to Play, RansomHub and DragonForce Ransomware Operations
Associated: Tripwire for Actual Warfare? Cyber’s Fuzzy Guidelines of Engagement
Associated: Mass Private Knowledge Theft From Paris Covid Assessments: Hospitals
