« Information Technology
  

Chattanooga Heart Institute Caught in Cyberattack

An unauthorized third party gained access to the provider’s network.

By HFT Staff


On April 17, 2023, The Chattanooga Heart Institute identified indications of a cybersecurity 
attack on its IT network. The Chattanooga Heart Institute immediately took steps to secure its 
network and began an investigation with the assistance of an external forensics vendor. The 
investigation determined that an unauthorized third party gained access to The Chattanooga 
Heart Institute’s network between March 8, 2023, and March 16, 2023. On May 31, 2023, The 
Chattanooga Heart Institute learned that the unauthorized third party obtained copies of some of 
the data from its systems containing confidential patient information. It is important to note, 
however, that the unauthorized third party did not retrieve data directly from The Chattanooga Heart 
Institute’s Electronic Medical Record (EMR). 

While The Chattanooga Heart Institute continues to complete an extensive review of the files 
involved, the investigation found that the unauthorized third party may have accessed or 
acquired some information related to The Chattanooga Heart Institute patients or their 
guarantors. The information in the files may have included name, mailing address, email 
address, phone number, date of birth, driver’s license number, Social Security number, account 
information, health insurance information, diagnosis/condition information, lab results, 
medications and other clinical, demographic or financial information. 

Upon discovering the unauthorized third-party access, The Chattanooga Heart Institute took 
quick action to protect its systems, contain the incident, begin an investigation and maintain 
continuity of care. In addition, The Chattanooga Heart Institute notified federal law enforcement. 
Once secured, systems were returned to the network with additional security and monitoring 
tools. 

Notification letters to individuals whose data may be involved will begin to be sent out by US 
mail over the coming weeks as the detailed review of each file is completed. To help relieve 
concerns and restore confidence following this incident, The Chattanooga Heart Institute has 
secured the services of Equifax to provide identity monitoring at no cost to individuals whose 
data may be involved. These identity monitoring services, as described in more detail in the 
individual notification letters being provided to affected individuals, include Credit Monitoring, 
Fraud Consultation and Identity Theft Restoration. 

 



August 22, 2023


Topic Area: Information Technology , Security

Recent Posts

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.

Design Plans Unveiled for New Intermountain St. Vincent Regional Hospital

The new hospital will be a 14-floor, 737,000 square-foot facility in Billings, Montana.

Ground Broken on New Pediatric Health Campus in Dallas

The new campus will replace the existing Children’s Medical Center Dallas.

Pre-Construction Strategies for Successful Facilities Projects

Savvy decisions can help facilities meet long-term goals by creating consistency and eliminating waste.

Geisinger Finds Success with Violence Prevention Efforts

Their safety measures included training staff in de-escalation, active-shooter response drills and equipping 6,000 employees with duress notification badges.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.