« Information Technology
  

Wayne Memorial Hospital Falls Victim to Ransomware Attack

The incident was detected in early June.

By HFT Staff


On June 3, 2024, Wayne Memorial Hospital (WMH) detected a ransomware event, whereby an unauthorized third party gained access to WMH’s network, encrypted some of WMH’s data, and left a ransom note on WMH’s network. Upon discovery of this incident, WMH immediately disconnected access to its network and took certain systems offline while it worked to safely and securely restore its network from backups. WMH also engaged legal counsel and cybersecurity professionals to help secure WMH’s network and conduct a forensic investigation. 

WMH’s forensic investigation found evidence that the unauthorized actor had access to a limited number of WMH systems between May 30, 2024, and June 3, 2024. During that time period, the unauthorized actor had access to certain files on WMH’s network and the unauthorized actor claimed to have copied some WMH files as part of its demand for a ransom payment. WMH is conducting a comprehensive review of those files to determine whether those files contained any personal information. If so, WMH will notify any individuals whose personal information may be included in those files in accordance with applicable law. 

WMH’s investigation is ongoing as to whether the unauthorized actor had access to anyone’s personal information. If WMH determines that anyone’s personal information was involved, WMH will mail personalized notification letters to those individuals that disclose the specific categories of information that apply in each individual’s case in accordance with applicable law. 

WMH has not found any evidence that the unauthorized actor has used anyone’s personal information for identity theft or fraud in connection with this incident. Based on the information available to us now, it seems the unauthorized actor’s primary motivation was to extort a ransom payment from WMH. 

Since the discovery of the incident, WMH moved quickly to secure its systems. Specifically, WMH added new intrusion detection and response tools, reset all passwords and made additional enhancements to WMH’s network security. WMH also engaged specialized cybersecurity professionals to conduct a forensic investigation to determine the nature and scope of the Incident. WMH will continue to take steps to mitigate the risk of future harm. 



August 21, 2024


Topic Area: Information Technology , Security

Recent Posts

Aspirus Breaks Ground on New Chippewa Falls Hospital and Clinic

The estimated completion date of the facility is September 2026.

Cybersecurity Law's Expiration Could Leave Healthcare Facilities Exposed

The pending sunset of CISA 2015 threatens to weaken critical information sharing that helps healthcare facilities defend against cyberattacks.

Ground Broken on Northside Hospital Forsyth Expansion

The building and parking deck are expected to open in the fall of 2026.

Onslow Memorial Hospital Breaks Ground on New Medical Office Building

The initial facility is expected to open in January 2027.

The Fatal Flaws in Active Shooter Response in Healthcare Facilities

The most effective solutions to workplace violence are sophisticated emergency response planning and master level training for all employees.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.