Ransomware, Incident Response, Breach

Georgia hospital recovering from cyberattack with EHR downtime procedures

Airmen wheel a patient into the emergency room Feb. 22, 2022, at Eglin Air Force Base, Fla. (Senior Airman Amanda A. Flower-Raschella/Air Force)

A cyberattack on Jack Hughston Memorial Hospital has led the Georgia hospital to pull certain systems offline and operate under electronic health record procedures, local news outlets reported Wednesday. It’s unclear the type of attack behind the network outage.

Patient care is continuing without disruptions, while the hospital works with a third-party cybersecurity firm to investigate the incident. The “hospital administration” is working to determine any possible compromise of patient data.

In previous years, cyberattacks leading to EHR downtime have been far more common. The attack on Jack Hughston Memorial is the first healthcare entity in the U.S. to report falling victim so far this summer. This story will be updated if more information becomes available.

Data of 172K patients accessed during hack of 90 Degree Benefits

90 Degree Benefits Wisconsin, formerly EBSO, recently began notifying 172,450 patients their data was accessed during the hack of several electronic record systems on Feb. 27.

An investigation into the scope of the incident found a threat actor gained access and possibly acquired patient files containing protected health information contained in certain systems. The notice does not contain any further details into the type of cyberattack or systems’ hack that led to the access, nor does it explain just what PHI was compromised during the incident.

But all patients will receive free credit monitoring and identity theft restoration services. 90 Degree Benefits Wisconsin officials said they’ve since taken steps to prevent  a recurrence.

Another 3 providers added to Eye Care Leaders breach tally

The patients of Aloha Laser Vision, Long Vision Center, and Carolina Eye Care are the latest providers included in the ongoing Eye Care Leaders breach tally, which has become the largest healthcare incident reported this year.

The incident now includes 43,263 Aloha Laser patients; 29,237 patients from Long Vision; and 68,739 Carolina Eye patients. Reported last week, the Department of Health and Human Services breach reporting tool now shows the total number of impacted patients from Stokes Regional Eye Centers and Sharper Vision.

A total of 266,170 Stokes Regional patients and 6,891 patients from Sharper Vision have now joined the growing fallout. With these added patients, the total ECL breach tally is now 2.65 million patients.

As extensively reported, ECL was hit with a ransomware attack six months ago on December 4 after a threat actor gained access to the EMR platform and certain client data. The incident drove some clients to downtime procedures.

During the dwell time, the attacker deleted several databases containing system configuration files and patient data, some of which has not been recovered. The dozens of notices show most of the compromised data included contact details, Social Security numbers, dates of birth, treatments, and diagnoses.

For some providers, the hack involved financial data, health insurance information, and other sensitive details. The subsequent investigation could not rule out access or exfiltration of the data.

While some of the impacted providers have either stopped working with ECL or are evaluating their contracts, Aloha Laser, Carolina Eye, and Long Vision will continue to leverage the EMR cloud vendor.

ECL is currently defending itself against a provider-led lawsuit that accuses the vendor of concealing multiple ransomware attacks and several extended periods of downtime, which occurred several months before the reported December incident.

Jessica Davis

The voice of healthcare cybersecurity and policy for SC Media, CyberRisk Alliance, driving industry-specific coverage of what matters most to healthcare and continuing to build relationships with industry stakeholders.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.