25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Californian Hospitals Continue to be Disrupted by Thanksgiving Ransomware Attacks

Posted By on Dec 9, 2024

Over Thanksgiving weekend, Watsonville Community Hospital and PIH Health in California fell victim to ransomware attacks and continue to experience disruption to their computer systems. Jefferson Dental Center in Indiana has confirmed it has recovered from a November 15, 2024, ransomware attack.

Watsonville Community Hospital Grappling with November 29 Ransomware Attack

Watsonville Community Hospital in California is currently dealing with a cyberattack and is facing continued disruption to its computer systems. The hospital has implemented downtime protocols due to computer systems being unavailable and is recording patient information manually on charts and issuing paper prescriptions while its IT team and third-party IT specialists work to restore its computer systems.

The hospital’s emergency department remains open, and the full spectrum of care continues to be provided; however, patients are facing delays. The cyberattack caused network disruption on November 29, 2024, which has continued for more than a week. The last update on the cyberattack on the hospital’s website was on December 4, 2024, with local media informed late last week that the outage was expected to continue for several more days. The focus is currently on securing and restoring its systems, and an investigation has been launched to determine the scope of the attack. Watsonville Community Hospital has not found any evidence to date to indicate patient data has been stolen, although the investigation is still in the early stages.

PIH Health Recovering from Thanksgiving Ransomware Attack

PIH Health, a healthcare provider serving Orange County and the San Gabriel Valley in California, experienced a ransomware attack on Sunday, December 1, 2024, that disrupted its network and IT systems. While the attack has forced the health system to switch to downtime procedures and report patient data manually, care continues to be provided across all locations; however, without access to critical systems such as patient health records, patient registrations, and pharmacy, radiology, and laboratory systems, delays are being experienced. Some scheduled surgeries may need to be canceled due to the lack of access to critical IT systems. The ransomware attack has also taken its VOIP phone lines out of action, although phone lines at Good Samaritan Hospital were unaffected.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The attack took systems offline that were used at Downey Hospital, Good Samaritan Hospital, Whittier Hospital, urgent care clinics, home health, hospice services, and physicians’ offices. No time frame has been provided when those systems are expected to be brought back online. An investigation has been launched and third-party cybersecurity professionals are assisting to determine the extent of the attack and whether patient data was stolen. At this early stage of the investigation, it is too early to tell what, if any, patient data has been stolen.

Update Dec 16, 2024: A hacking group claims to have infiltrated 17 million patient records in the attack. Read More…

Indiana Dental Center Falls Victim to Ransomware Attack

Jefferson Dental Center in South Bend, Indiana has announced that patient data may have been stolen in a ransomware attack last month. The attack was detected on November 15, 2024, when ransomware was used to encrypt files. The investigation suggests that a threat actor first accessed its network the previous day, and then encrypted files on November 15. The investigation confirmed that network shares were accessed by the threat actor that contained patient data, which may have been exfiltrated prior to file encryption.

The files on the compromised network shared include patient names, addresses, dates of birth, Social Security numbers, driver’s license numbers, clinical and treatment information, and insurance and claim information. Some of the exposed files may also have contained the information of guarantors who paid for the healthcare services of others. The breach has been reported to regulators as potentially involving the protected health information of up to 12,340 patients. Jefferson Dental Center has added new data security policies and procedures and will continue to look for additional measures to strengthen network security.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist