112,000 Patients Impacted by Fitzgibbon Hospital Ransomware Attack

In June 2022, it was reported that Fitzgibbon Hospital based in Marshall, MO suffered a ransomware attack, which the DAIXIN Team threat group claimed responsibility for. According to the group’s spokesperson, the hospital’s systems were compromised and the group exfiltrated 40GB of data. The stolen data included files that contain names of patients, birth dates, patient account numbers, medical record numbers, medical and treatment details, and Social Security numbers. The threat group released some of that data on its dark web data leak site.

After six months, the hospital has now affirmed the occurrence of a data breach that affected the protected health information (PHI) of 112,072 individuals. According to Fitzgibbon Hospital, it detected the attack on June 6 and launched an investigation immediately to find out the nature and extent of the breach. Third-party cybersecurity experts investigated the incident. The breach notice posted on December 2022 stated that the investigation is still in progress. Nevertheless, Fitzgibbon Hospital reported on December 1, 2022 that it discovered that certain patient information was exposed in the attack such as full names, driver’s license numbers, Social Security numbers, financial account numbers, medical insurance data, and/or medical data. The exposed data vary from one person to another.

Fitzgibbon Hospital stated that it did not receive any report of misuse of the stolen information during the issuance of notifications to patients on December 30, 2022. Nonetheless, as a safety precaution, those who had their Social Security numbers exposed received free credit monitoring services. Fitzgibbon Hospital claimed that it had taken many steps to secure patient data before the cyberattack and regularly examines and changes its practices to improve the security and privacy of patient data. The hospital engaged in the education and training of its employees concerning patient privacy issues.

Cyberattack Reported by Howard Memorial Hospital in December 2022

Howard Memorial Hospital based in Nashville, AR, has just reported that it discovered suspicious activity inside its computer system on December 4, 2022. It took immediate action to protect the system and investigated the incident with the help of third-party cybersecurity experts to find out the nature and extent of attack. On December 29, 2022, it was confirmed by the hospital that unauthorized persons had acquired access to its system on November 14, 2022. The access remained open up to December 4, 2022 when the hospital secured its system.

At that time, the threat actor got access to the network and exfiltrated selected files, which included patient data. It is uncertain how many persons were impacted as the analysis of the impacted files is still in progress. Nevertheless, the compromise of the following information has been confirmed: names, contact details, birth dates, and Social Security numbers, together with employee information and possibly direct deposit bank account details. The hospital will send notification letters to the impacted persons as soon as they are identified and updated contact details have been acquired.