Anna Jacques Hospital, one of the leading healthcare facilities in Massachusetts, has finally revealed the extent of a ransomware attack it suffered in December 2023. The data extracted affects 316,342 victims and may include demographic information, medical information, health insurance information, Social Security number, driver’s license number, financial information, and other personal or health information.
According to the hospital’s announcement, the ransomware attack was first discovered on December 25, 2023, disclosing the breach later in January 2024. After the resulting investigation was over, a manual document review was published on November 5, 2024. The investigation determined that the hackers accessed certain files containing patient data, although it might vary by individual.
Thankfully, the hospital reports no evidence of fraud from the leaked information. However, it is offering all affected individuals a complimentary two-year membership of IdentityWords Credit 3B for credit report monitoring, identity theft protection, and dark web monitoring to better protect themselves in the future.
Due to its fast-paced nature, the healthcare industry has become an easy target for cybercriminals. Hospitals and clinics can’t handle the extended outages and infrastructure shutdowns that cybercrimes like ransomware attacks bring with them.
Additionally, hospitals are also a treasure trove of data, including medical records and sensitive information like full names, numbers, email and physical addresses, and more about thousands of individuals. Hospitals are alson’t as well protected as major corporations, and ransomware gangs have been using this to their advantage.
In the News: Datavant data breach impacts 11,000, including minors