Data breach incident notice sent by Georgia based US Healthcare organization

St Joseph/Candler has sent a security incident notice to 1.4 million users, that carries a potential data breach warning. Personal and financial details of patients and other people seem to have been compromised in a ransomware attack that happened in December 2020 last. You can read full details of the ransomware attack on this link –

St Joseph/Candler is the largest healthcare provider in Savannah, Georgia. Some of the significant aspects of the ransomware attack are presented by the hospital in its security incident report. From the report, we find that the IT network and systems were exposed to external threats between 18th December to 17th June.

On June 17, 2021, SJ/C identified suspicious activity in its IT network. SJ/C immediately took steps to isolate and secure its systems, notified law enforcement, and launched an investigation with the assistance of cybersecurity firms. Through SJ/C’s investigation it was determined that the incident resulted in an unauthorized party gaining access to SJ/C’s IT network between the dates of December 18, 2020 and June 17, 2021. While in our IT network, the unauthorized party launched a ransomware attack that made files on our systems inaccessible.

from the security incident report

We cannot rule out the possibility that, as a result of this incident, files containing some of your information may have been subject to unauthorized access. This information may have included patient names in combination with their address, date of birth, Social Security number, driver’s license number, patient account number, billing account number, financial information, health insurance plan member ID, medical record number, dates of service, provider names, and medical and clinical treatment information regarding care received from SJ/C.

The extent of this data breach is massive. Patient details, including the Social Security number and the type of medical treatment received by the patient has also been a part of this potential data breach.

SJ/C started sending letters through mail to the affected individuals. It has also suggested that patients should keep a watch on the statements from other health care providers.

We recommend that patients whose information may have been involved in this incident review the statements they receive from their health care providers. If they see services they did not receive, patients should contact the provider immediately.

Attacks on the IT networks and systems of healthcare providers have been happening with alarming speed and regularity and most healthcare providers lose data to ransomware. They are seldom able to restore the data from backups.

SJ/C has disclosed that it is taking safeguards against any potential new ransomware attacks on its networks and systems.