GHC-SCW faced a cyberattack, affecting over half a million people

A non-profit healthcare provider in Wisconsin called GHC-SCW recently faced a cyberattack that compromised the personal and medical details of more than half a million individuals. Based on reports, the incident allegedly started earlier this year after a breach occurred when a ransomware gang infiltrated the organisation’s network.

The attackers could not encrypt the devices they compromised, which allowed GHC-SCW to secure their systems with the aid of relevant agencies. They contained the breach and restored the affected systems after isolation.

 

GHC-SCW uncovered the incident in January after identifying unauthorised access to their network.

 

Based on reports, GHC-SCW became aware of the breach on January 25, 2024, when they noticed unauthorised activities within their network. They immediately isolated and secured the infected network to prevent attackers from navigating further into their system.

During their investigation from the identification of the breach until February, they confirmed that the attackers accessed and copied sensitive data, including protected health information (PHI).

The investigation confirmed that the stolen health data includes personal details like names, addresses, contact numbers, dates of birth, social security numbers, and Medicare/Medicaid IDs.

However, the agency still did not disclose the exact number of affected individuals despite uncovering various hack details. Still, they assured everyone they had provided further details to the U.S. Department of Health and Human Services, revealing that the attack impacted over 533,000 people.

In response to this breach, GHC-SCW has implemented additional security measures to stop such incidents from happening again. They have upgraded their existing controls, improved data backup systems, and run user training to increase people’s cybersecurity awareness.

On the other hand, the agency advised the affected individuals to remain vigilant, monitor all communications from healthcare providers, and promptly report any suspicious activity to them. As of now, investigations have yet to find evidence that the stolen information is suffering misuse for malicious purposes.

Although GHC-SCW did not initially disclose the identity of the ransomware group responsible for the attack, the BlackSuit ransomware gang claimed responsibility last month. According to their claims, the stolen files also contain financial information, employee data, business contracts, and email correspondence.

There are no further details about this claim. Thus, potentially affected individuals should be cautious with their digital presence and avoid accepting unsolicited communications, as threat actors could use the stolen data for other illicit activities.