Warren General Hospital (WGH) is in Pennsylvania, hosting nearly 90 patient beds and comprehensive health care services. The hospital was attacked by cybercriminals in September, exposing the private information of 168,000 patients.
The Notice of Incident on the WGH website suggests officials discovered the assault after noticing suspicious activity in their network; it was similar to how Florida’s HCA discovered their breach months ago. How the hackers made the attack possible is unclear. However, there are no indications of employee error or system vulnerabilities.
WGH’s response investigation found the breach happened between September 15th and 23rd, 2023. On September 24th, the officials discovered the unauthorized party and began reactive plans. Their subsequent internal investigation finished in early November. They soon after began notifying impacted parties and the State Attorney General’s offices.
Although the exposed information may differ between individuals, WGH patients are likely at risk in this breach. Those potentially impacted should receive a consumer notice in the coming weeks if they have not yet gotten one.
The impact figure is unlikely to increase, though the total scope of the attack remains unclear. The breach filing posted to the Texas Attorney General’s website lists 168,921 people potentially impacted. WGH patients must act quickly to mitigate future data misuse; they can start with monitoring services, strong passwords, and multi-factor authentications.