Fitzgibbon Hospital

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Fitzgibbon Hospital, a non-profit community hospital based in Marshall, Missouri, experienced a significant cybersecurity incident in 2022. This incident was identified as a ransomware attack that affected the personal and medical information of approximately 112,000 patients. The attack was detected on June 6, 2022, and the hospital immediately launched an investigation to determine the nature and extent of the breach. The unauthorized access resulted in the exposure of patients’ full names, Social Security numbers, driver’s license numbers, financial account numbers, health insurance information, and medical information

On December 30, 2022, Fitzgibbon Hospital sent out data breach notification letters to all individuals whose information was compromised as a result of the attack

The hospital also filed a notice of the data breach with the U.S. Department of Health and Human Services Office for Civil Rights

Patients whose Social Security numbers were impacted were provided with complimentary credit monitoring services

The ransomware group responsible for the attack, identified as the Daixin Team, claimed to have exfiltrated 40 GB of data from the hospital’s systems. This included sensitive documents and database tables from the MEDITECH database, as well as information related to the hospital’s cybersecurity measures

Despite the hospital’s efforts to secure its systems and comply with privacy and security standards, the breach highlighted vulnerabilities in its cybersecurity defenses

In addition to the immediate impact on patient privacy and data security, the ransomware attack and subsequent data breach have broader implications for Fitzgibbon Hospital. The hospital is one of many rural hospitals in Missouri facing financial challenges, with a report indicating that Fitzgibbon Hospital is at risk of closure due to financial difficulties

This situation underscores the vulnerability of rural healthcare institutions to both cybersecurity threats and financial instability.

Breach Submission Date Dec 30, 2022
Converted Entity Name Fitzgibbon Hospital
Converted Entity Type Healthcare Provider
State MO
Individuals Affected 112,072
Breach Type Unauthorized Access/Disclosure

Breach Information Location Network Server

Business Associate Present Yes