Howard County General Hospital
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
The breach at Howard County General Hospital, part of the Johns Hopkins Health System, occurred due to a cybersecurity attack targeting a widely used software platform for transferring data files, known as MOVEit. This incident was part of a broader attack that affected multiple organizations and industries around the world. The U.S. Office for Civil Rights is investigating the breach, which affected 2,975 people at Howard County General Hospital. The breach was attributed to hackers exploiting a software vulnerability in MOVEit, with the Russian-backed ransomware gang Clop claiming responsibility for the attack[6].
More than 300,000 people were affected by the data breach across the Johns Hopkins Medicine entities, significantly higher than initially reported. The breach involved “unsecured protected health information,” which could include sensitive personal and private information such as Social Security numbers, medication information, and more. Johns Hopkins Medicine took immediate steps to secure their systems and has been working closely with cybersecurity experts and law enforcement to address the breach. Affected individuals were notified and offered two free years of credit monitoring to protect against possible identity theft or fraud[4][8].
This incident highlights the growing sophistication of cyber threats and the vulnerability of health systems to such attacks. It underscores the importance of robust cybersecurity measures and the need for ongoing vigilance to protect sensitive health information.
Citations:
- https://www.wbaltv.com/article/johns-hopkins-data-breach-civil-rights-officials-investigation/44734824
- https://www.baltimoresun.com/2022/01/12/maryland-department-of-health-confirms-ransomware-attack-crippled-its-systems-last-month/
- https://www.baltimoresun.com/2023/06/27/johns-hopkins-university-and-health-system-to-reach-out-to-those-hit-by-moveit-data-breach/
- https://www.wbaltv.com/article/johns-hopkins-data-breach-people-affected/44787414
- https://www.bizjournals.com/baltimore/blog/cyberbizblog/2016/08/data-breach-could-impact-some-johns-hopkins.html
- https://www.beckershospitalreview.com/cybersecurity/feds-investigate-data-breach-at-johns-hopkins.html
- https://wtop.com/maryland/2023/07/class-action-lawsuit-targets-johns-hopkins-univ-after-health-system-data-breach/
- https://www.wbal.com/more-than-300k-people-affected-by-johns-hopkins-data-breach/
- https://wtop.com/baltimore/2023/06/personal-data-left-vulnerable-after-johns-hopkins-university-and-health-system-hit-by-ransomware-hack/
- https://www.turkestrauss.com/2023/06/14/johns-hopkins-data-breach-investigation/
- https://thedailyrecord.com/2022/08/11/marcellous-frye-jr-kathleen-hetherington-leonardo-mcclarty-and-charley-sung-howard-county-general-hospital/
- https://cybernews.com/news/john-hopkins-confirms-moveit-breach/
- https://casetext.com/case/wilder-v-johns-hopkins-health-sys-corp