Largest Healthcare Network in Savannah, Ga., Falls Victim to Ransomware Attack

Aug. 20, 2021
St. Joseph’s/Candler has suffered a ransomware attack that has affected 1.4 million individuals—with both demographic and financial information involved

The current cybersecurity landscape continues to challenge health systems across the U.S., as data breaches, cyberattacks, and ransomware become more and more commonplace. An Aug. 19 article from The Daily Swig by Emma Woollacott reported that “St. Joseph’s/Candler (SJ/C), the largest healthcare network in Savannah, Georgia, says in a statement that it first detected the breach on June 17.” The breach Woollacott is referring to is every health network’s worst nightmare, a ransomware attack.

The SJ/C statement states “On June 17, 2021, SJ/C identified suspicious activity in its IT network. SJ/C immediately took steps to isolate and secure its systems, notified law enforcement, and launched an investigation with the assistance of cybersecurity firms. Through SJ/C’s investigation it was determined that the incident resulted in an unauthorized party gaining access to SJ/C’s IT network between the dates of December 18, 2020 and June 17, 2021. While in our IT network, the unauthorized party launched a ransomware attack that made files on our systems inaccessible.”

According to the U.S. Department of Health and Human Services’ breach portal 1.4 million individuals were affected. The statement from SJ/C states that “This information may have included patient names in combination with their address, date of birth, Social Security number, driver’s license number, patient account number, billing account number, financial information, health insurance plan member ID, medical record number, dates of service, provider names, and medical and clinical treatment information regarding care received from SJ/C.”

Woollacott wrote that “An SJ/C spokesperson would not confirm whether a ransom was paid. However, after having temporarily resorted to using paper records, SJ/C was able to restore its IT systems to ‘fully operational’ this week. It is now contacting all the patients involved and is offering them free credit monitoring and identity protection services.”

CynergisTek’s annual report “Maturity Paradox: New World, New Threats, New Focus,” stated that “In 2020 we saw record ransomware attacks on healthcare, attacks that used our vendors and third party suppliers and that it’s continuing into 2021. Yet, still, over half of the sector (64 percent) is below what we would consider a passing score.”

SJ/C’s statement said that “To help prevent something like this from happening again, we have implemented, and will continue to adopt, additional safeguards and technical security measures to further protect and monitor our systems.”

Sponsored Recommendations

Elevating Clinical Performance and Financial Outcomes with Virtual Care Management

Transform healthcare delivery with Virtual Care Management (VCM) solutions, enabling proactive, continuous patient engagement to close care gaps, improve outcomes, and boost operational...

Examining AI Adoption + ROI in Healthcare Payments

Maximize healthcare payments with AI - today + tomorrow

Addressing Revenue Leakage in Hospitals

Learn how ReadySet Surgical helps hospitals stop the loss of earned money because of billing inefficiencies, processing and coding of surgical instruments. And helps reduce surgical...

Care Access Made Easy: A Guide to Digital Self Service

Embracing digital transformation in healthcare is crucial, and there is no one-size-fits-all strategy. Consider adopting a crawl, walk, run approach to digital projects, enabling...