Mount Graham Regional Medical Center (MGRMC), a prominent healthcare provider in Safford, Arizona, disclosed a significant data breach following a ransomware attack that occurred on or around September 13, 2023. The incident prompted MGRMC to file a notice of breach with the U.S. Department of Health and Human Services Office for Civil Rights on September 29, 2023.
The breach compromised a wealth of sensitive consumer information, including names, Social Security numbers, addresses, email addresses, phone and fax numbers, dates of birth, driver’s license numbers, passport numbers, medical records, and financial details. MGRMC initiated an investigation immediately and commenced the distribution of data breach notification letters to affected individuals following the inquiry’s completion.
Upon discovering the attack on September 27, 2023, MGRMC swiftly reacted by shutting down unauthorized access within four hours. Subsequently, external cybersecurity experts were engaged to aid in the investigation, confirming that the ransomware attackers successfully accessed specific data within MGRMC’s computer network, containing confidential patient information.
The review of compromised files aimed to ascertain the leaked information and the affected consumers, revealing a varied array of potentially exposed data pertinent to individuals, encompassing a broad spectrum of personal details.
MGRMC posted an update on November 15, 2023, detailing the attack and the organization’s response on its website. Additionally, they are in the process of dispatching data breach letters to impacted parties, providing a comprehensive list of the compromised information associated with each victim.
Mount Graham Regional Medical Center serves as the primary healthcare provider for residents in Graham and Greenlee Counties, offering diverse services including a cancer center, sleep center, rehabilitation facility, emergency room, and a six-bed ICU. Employing over 507 individuals, MGRMC garners an annual revenue of approximately $52 million.
Recipients of data breach notifications from Mount Graham Regional Medical Center are advised to remain vigilant against potential identity theft or fraudulent activities. Seeking advice from a data breach lawyer can offer guidance on protective measures and potential legal options in the aftermath of this breach. For further information, a comprehensive piece on this issue is available [here](link to the provided piece).
