The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Group Health Cooperative of South Central Wisconsin Ransomware Attack Affects 533K Patients

Posted By on Apr 9, 2024

Group Health Cooperative of South Central Wisconsin (GHC-SCW) has notified 533,809 patients about a January cyberattack. In the early hours of January 25, 2024, an unauthorized third party accessed its network and attempted to use ransomware to encrypt files. GHC-SCW said the file encryption was not successful; however, while containing the attack and securing its systems, some of its systems were temporarily made unavailable. Third-party cybersecurity experts were engaged to investigate the incident and on February 9, 2024, evidence was uncovered that indicated the attacker had copied certain files from the network before attempting encryption. The attacker also made contact with GHC-SCW and claimed responsibility for the attack and confirmed that data had been exfiltrated from its network. The attacker, a foreign ransomware group, demanded payment to delete the stolen data. GHJC-SCW did not state whether the ransom was paid.

The review of the affected files confirmed that they contained the following types of patient information: Member/patient name, address, telephone number, e-mail address, date of birth and/or date of death, Social Security number, member number, and Medicare and/or Medicaid number.  The types of data involved varied from individual to individual. At the time of issuing notification letters, no evidence had been uncovered suggesting any stolen data had been misused or further disclosed.

GHC-SCW said it notified the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) about the attack and has been working with those agencies to mitigate any harm that may result from the incident. GHC-SCW said cybersecurity measures have been enhanced across all systems and networks to reduce the risk of similar incidents in the future, including strengthening existing privacy and security controls, data backup processes, user training and awareness, and other measures. Affected patients have been offered a one-year membership to a credit monitoring service at no cost.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist