Singing River Health System and its wholly owned subsidiary, Singing River Gulfport
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Singing River Health System, a healthcare system headquartered in Pascagoula, Mississippi, and its wholly owned subsidiary, Singing River Gulfport, experienced a significant data breach due to a ransomware attack between August 16 and August 18, 2023. This cyberattack led to unauthorized access to the organization’s computer network, compromising the sensitive personal information of approximately 253,000 patients. The exposed data included names, dates of birth, addresses, Social Security numbers, medical information, and health insurance information[1][5].
Upon discovering the cyberattack on August 19, 2023, Singing River Health System took immediate action by securing its systems and initiating an investigation with the assistance of third-party data security specialists. The investigation confirmed unauthorized access to files containing confidential patient information[1]. In response to the breach, Singing River Health System filed a notice of data breach with the Attorney General of Maine and began sending out data breach notification letters to affected individuals on January 12, 2024[1].
The breach has led to legal actions against Singing River Health System. At least two lawsuits have been filed, accusing the health system of negligently handling private information and failing to adequately protect the data from hackers. These lawsuits aim to represent more than 200,000 individuals whose information was compromised. Plaintiffs are demanding that Singing River Health System strengthen its cybersecurity measures and provide compensation for damages and credit monitoring services[7].
Singing River Health System is a significant healthcare provider in Mississippi, operating three hospitals (Pascagoula Hospital, Ocean Springs Hospital, and Gulfport Hospital) and numerous primary care and specialty medical clinics. The health system employs more than 2,200 people and generates approximately $367 million in annual revenue[1].
In the aftermath of the cyberattack, Singing River Health System has been working to restore its computer systems and continue providing patient care, despite some service disruptions. The health system has also taken steps to enhance its cybersecurity measures to prevent future incidents[2][3].
Affected individuals have been offered complimentary credit monitoring and identity theft protection services. Additionally, legal investigations are underway to determine the possibility of filing a class action lawsuit, which could provide affected consumers with compensation for any harm resulting from the breach[4].
Citations:
- https://www.jdsupra.com/legalnews/singing-river-health-system-notifies-6934904/
- https://www.chiefhealthcareexecutive.com/view/mississippi-hospital-system-hit-by-cyberattack
- https://singingriverhealthsystem.com/2023/08/singing-river-operations-update/
- https://www.classaction.org/data-breach-lawsuits/singing-river-health-system-january-2024
- https://www.hipaajournal.com/singing-river-health-system-ransomware/
- https://www.myinjuryattorney.com/singing-river-health-data-breach-investigation/
- https://www.wlox.com/2024/02/02/lawsuits-filed-against-singing-river-health-system-2023-cyberattack/
- https://www.jdsupra.com/legalnews/singing-river-health-system-confirms-7666068/
- https://www.wlox.com/2023/08/31/singing-river-health-system-still-recovering-recent-cyberattack/
- https://www.beckershospitalreview.com/cybersecurity/mississippi-hospital-boosts-data-breach-reach-to-253-000-patients.html
- https://www.sunherald.com/news/local/counties/harrison-county/article284955402.html