Skip to main content
Computer

Memorial Health System Data Breach

Memorial Health System, out of Marietta, Ohio, has reportedly been forced to channel emergency care to other healthcare facilities following a suspected ransomware attack.

The Memorial Health System cyberattack occurred on August 15, forcing its hospitals to shut down IT systems. Urgent surgical appointments and radiology examinations were canceled the following day.

Memorial Health System operates three hospitals (Marietta Memorial, Selby, and Sistersville General Hospital), all of which have allegedly been affected by the data breach.

An investigation into the data breach has been launched to determine the extent of the data exposed and how much personal information may have been compromised. Memorial Health System officials say there is no evidence the cyberattack leaked employee or patient data, but an investigation is ongoing, and it is still possible that thousands of files were viewed or downloaded.

Memorial Health System Data Breach

At least one tech media outlet has reportedly seen evidence suggesting the Hive ransomware group was responsible for the data breach, suggesting that data may have been stolen. Ransomware attacks usually arrive in tandem with a data breach, and hackers typically spend time on the network to determine the most valuable systems before exfiltrating files and encrypting data. By exfiltrating a data set, threat actors have leverage to force the victim to pay a ransom in exchange for providing a decryption tool.

Bleeping Computer has reported that evidence suggests databases containing the protected health information of around 200,000 individuals were stolen, potentially leaking names, dates of birth, and Social Security numbers.