CyberHappenings logo
☰
🏠 Home πŸ“‚ Browse ℹ️ About

Wayne Memorial Hospital Ransomware Attack Affects 160,000 Individuals

First reported
Last updated
πŸ“° 1 unique sources, 1 articles

Summary

Hide β–²

Wayne Memorial Hospital (WMH) in Georgia has disclosed a ransomware attack that occurred in May 2024, impacting over 160,000 individuals. The breach involved unauthorized access to sensitive personal and medical information. The hospital identified the incident on June 3, 2024, and took immediate steps to secure its network and restore systems from backups. The Monti ransomware group has been linked to the attack. The compromised data includes names, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, medical history, and prescription details. WMH is offering affected individuals 12 months of free credit monitoring and identity theft protection services. The hospital engaged legal counsel and cybersecurity professionals to investigate the attack and implement additional security measures.

Timeline

  1. 09.09.2025 14:53 πŸ“° 1 articles

    Wayne Memorial Hospital Ransomware Attack Disclosed

    Wayne Memorial Hospital disclosed a ransomware attack that occurred between May 30 and June 3, 2024, impacting over 160,000 individuals. The hospital identified the incident on June 3, 2024, and took immediate steps to secure its network and restore systems from backups. The Monti ransomware group has been linked to the attack. The compromised data includes names, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, medical history, and prescription details. The hospital is offering affected individuals 12 months of free credit monitoring and identity theft protection services.

    Show sources
    Open in new tab

Information Snippets

  • The attack occurred between May 30 and June 3, 2024.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

  • The hackers encrypted data on hospital systems and left a ransom note.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

  • The hospital took systems offline and restored its network from backups.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

  • The compromised data includes names, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, medical history, and prescription details.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

  • WMH is offering 12 months of free credit monitoring and identity theft protection services to affected individuals.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

  • The Monti ransomware group has been linked to the attack.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

  • The hospital engaged legal counsel and cybersecurity professionals to secure its network and investigate the attack.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

  • The hospital performed network-wide password resets and implemented additional detection and response capabilities.

    First reported: 09.09.2025 14:53
    πŸ“° 1 source, 1 article
    Show sources

Similar Happenings

Senator Wyden calls for FTC probe into Microsoft's role in ransomware attacks on U.S. critical infrastructure

U.S. Senator Ron Wyden has urged the Federal Trade Commission (FTC) to investigate Microsoft for alleged cybersecurity negligence that facilitated ransomware attacks on U.S. critical infrastructure, including healthcare networks. Wyden's call follows a ransomware attack on Ascension, a healthcare system, which resulted in the theft of personal and medical information of nearly 5.6 million individuals. The attack, attributed to the Black Basta ransomware group, exploited insecure default settings in Microsoft software and the RC4 encryption algorithm. The breach occurred when a contractor clicked on a malicious link in Microsoft's Bing search engine, leading to malware infection and subsequent elevated access to Ascension's network. Wyden's office highlighted Microsoft's continued support for RC4, an outdated and insecure encryption technology, as a significant vulnerability. Microsoft has acknowledged the issues and plans to deprecate RC4 support in future updates to Windows 11 and Windows Server 2025. The company also outlined mitigations to protect against Kerberoasting attacks, which target the Kerberos authentication protocol. Wyden's office urged Microsoft to warn customers about the dangers of using RC4 instead of AES 128/256, and Microsoft responded with a technical blog post in October 2024, which was criticized for not clearly conveying the warning to decision-makers. Microsoft is actively working to gradually remove RC4 and is providing advice for using the algorithm in the safest ways possible.

Open in new tab

Allianz Life data breach affects 1.1 million customers via Salesforce compromise

Allianz Life, a U.S. insurance subsidiary of Allianz SE, experienced a data breach in July 2025. Hackers accessed a third-party cloud CRM system, stealing personal information of 1.1 million customers. The breach involved a malicious OAuth app linked to Salesforce instances, leading to the exfiltration of sensitive data. The extortion group ShinyHunters, tracked as UNC6040, claimed responsibility and leaked the stolen data. The breach is part of a broader campaign targeting multiple high-profile companies, including Google, Adidas, Workday, Qantas, Pandora, and Workiva. Allianz Life confirmed the breach but declined to provide additional details due to an ongoing investigation. Qantas Group executives reduced their short-term compensation by 15% due to the impact of the cyberattack on customers, which affected approximately 5.7 million passengers.

Open in new tab