Wayne Memorial Hospital (WMH) in Honesdale, Pennsylvania, experienced a data security breach on June 3, 2024. The incident involved a ransomware attack where an unauthorized third party gained access to WMH’s network, encrypted certain data, and left a ransom note. WMH quickly disconnected its network and engaged cybersecurity professionals and legal counsel to secure its systems and investigate the breach. The investigation revealed that the unauthorized actor had access to a limited number of WMH systems between May 30 and June 3, 2024, and may have copied some files.
The hospital is conducting a thorough review of the compromised files to determine if they contained any personal information. If any personal data is found to be involved, WMH will notify the affected individuals in accordance with applicable laws. At this time, there is no evidence that the unauthorized actor has used anyone’s personal information for identity theft or fraud. It appears that the primary motivation behind the attack was to extort a ransom payment from the hospital.
WMH has taken immediate action to enhance its data security measures since the breach. The hospital has added new intrusion detection and response tools, reset all passwords, and implemented additional security enhancements to its network. The hospital continues to work with cybersecurity experts to ensure the safety and integrity of its systems and to prevent future incidents.
If the review confirms that any individual’s personal information was compromised, WMH will offer free credit monitoring and identity theft protection services to those affected. Personalized notification letters will be sent to those individuals with instructions on how to enroll in these services. WMH remains committed to protecting the privacy and security of its patients’ information and will continue to take steps to mitigate any future risks.
Reference:
