St. Joseph’s/Candler (SJ/C) Suffered a Data Breach


A ransomware attack on one of the leading healthcare organizations in southeast Georgia compromised the protected health information (PHI) of personnel and patients. Based on the current press release, on 17 June 2021, the Georgia healthcare system, with 116 sites around the state, noticed suspicious activity in its network.

St. Joseph's/Candler of Savannah, Georgia, is a nationally Magnet-certified institution for nursing excellence with a focus on state-of-the-art technology and research. This non-profit health system comprises two of the oldest existing hospitals in the United States, St. Joseph's (1875) and Candler (1804), serving 33 counties in southeast Georgia and the Low Country in South Carolina, and is also the region's leading and only religious healthcare organization.

St. Joseph's/Candler (SJ/C) announced on 10 August that it had experienced a data security incident leading to unauthorized access to patient and employee information.

SJ/C promptly took action to disconnect and protect its systems, informed federal law enforcement, and initiated a cyber-security investigation. Through the inquiry, SJ/C found that an unauthorized entity gained access to its IT network between 18 December 2020 and 17 June 2021. During a ransomware attack on SJ/C's IT network, this unauthorized party made documents on SJ/C's IT systems inaccessible.

According to the evidence provided in the publication, hackers may have accessed files containing information on both patients and personnel, including protected health information, during the data breach.

“SJ/C cannot rule out the possibility that, as a result of this incident, files containing patient and co-worker information may have been subject to unauthorized access,” it states. “This information may have included individuals' names in combination with their addresses, dates of birth, Social Security numbers, driver's license numbers, patient account numbers, billing account numbers, financial information, health insurance plan member ID numbers, medical record numbers, dates of service, provider names, and medical and clinical treatment information regarding care received from SJ/C.”

The healthcare system has begun sending messages to the employees and patients affected by this data breach. SJ/C is providing free credit monitoring and identity protection assistance to those affected. The healthcare provider has also set up a dedicated incident response line for anyone who needs more information about the breach.

In its press statement, SJ/C suggests that patients whose information might have been implicated in this incident check the statements they receive from their healthcare practitioners. Patients should call the provider promptly if they see services that they did not receive.

SJ/C stated that it has implemented improved security to address the ransomware attack and “will continue to adopt additional safeguards and technical security measures to further protect and monitor its systems.”