In the early morning hours of January 25, 2024, Group Health Cooperative of South Central Wisconsin (GHC-SCW) identified unauthorized access to their network. Their Information Technology (IT) Department purposefully isolated and secured their network, causing several of their systems to be temporarily unavailable. The attacker attempted to encrypt GHC-SCW’s system but was unsuccessful.
As part of their response effort, they reported the incident to the Federal Bureau of Investigation (FBI) and hired outside cyber incident response resources to assist them in restoring and verifying the security of their network and systems, and to investigate the attack. These resources successfully allowed GHC-SCW to bring their systems back online methodically and safely.
On February 9, 2024, during their investigation, they discovered indications that the attacker had copied some of GHC-SCW’s data, which included protected health information (PHI). The PHI that the attacker stole may have included name, address, telephone number, e-mail address, date of birth and/or death, social security number, member number, and Medicare and/or Medicaid number. Their discovery was confirmed when the attacker, a foreign ransomware gang, contacted GHC-SCW claiming responsibility for the attack and stealing their data.
GHC-SCW has no indication that information has been used or further disclosed. To reduce the risk of this happening again, they have implemented enhanced security measures across all their systems and networks. This includes strengthening existing controls, data backup, user training and awareness and other measures.
Healthcare Real Estate: Responding to Shifting Patient Demands
Over 40% of Workers Impacted by Seasonal Depression
Archer Property Partners Acquires Medical Office Building Near Tri-City Hospital
The OR HVAC Puzzle: Why Individual Systems Are on the Rise
Sutter Health Announces Plans for New Santa Clara Medical Center