By HFT Staff

On June 3, 2024, Wayne Memorial Hospital (WMH) detected a ransomware event, whereby an unauthorized third party gained access to WMH’s network, encrypted some of WMH’s data, and left a ransom note on WMH’s network. Upon discovery of this incident, WMH immediately disconnected access to its network and took certain systems offline while it worked to safely and securely restore its network from backups. WMH also engaged legal counsel and cybersecurity professionals to help secure WMH’s network and conduct a forensic investigation. 

WMH’s forensic investigation found evidence that the unauthorized actor had access to a limited number of WMH systems between May 30, 2024, and June 3, 2024. During that time period, the unauthorized actor had access to certain files on WMH’s network and the unauthorized actor claimed to have copied some WMH files as part of its demand for a ransom payment. WMH is conducting a comprehensive review of those files to determine whether those files contained any personal information. If so, WMH will notify any individuals whose personal information may be included in those files in accordance with applicable law. 

WMH’s investigation is ongoing as to whether the unauthorized actor had access to anyone’s personal information. If WMH determines that anyone’s personal information was involved, WMH will mail personalized notification letters to those individuals that disclose the specific categories of information that apply in each individual’s case in accordance with applicable law. 

WMH has not found any evidence that the unauthorized actor has used anyone’s personal information for identity theft or fraud in connection with this incident. Based on the information available to us now, it seems the unauthorized actor’s primary motivation was to extort a ransom payment from WMH. 

Since the discovery of the incident, WMH moved quickly to secure its systems. Specifically, WMH added new intrusion detection and response tools, reset all passwords and made additional enhancements to WMH’s network security. WMH also engaged specialized cybersecurity professionals to conduct a forensic investigation to determine the nature and scope of the Incident. WMH will continue to take steps to mitigate the risk of future harm.