Anna Jaques Hospital has disclosed a breach resulting from a ransomware attack that occurred on December 25, 2023. The breach has affected over 310,000 patients, exposing sensitive health information, according to an announcement on the hospital's website. Anna Jaques, a key healthcare provider in Massachusetts, operates as a non-profit community hospital known for its high-quality care. The hospital features 83 beds and employs 200 physicians alongside 1,200 staff. It serves Merrimack Valley, North Shore, and southern New Hampshire.

Timeline of the Attack and Response

December 25, 2023: Anna Jaques experienced a cyberattack, prompting immediate response efforts including system shutdowns and law enforcement notification.

January 19, 2024: The ‘Money Message’ ransomware group began extorting the hospital by leaking data samples on the dark web.

January 24, 2024: The hospital initiated an investigation into the breach.

January 26, 2024: The group fully released the compromised data after the hospital chose not to meet their ransom demands.

Investigation and Findings

The hospital's thorough investigation concluded on November 5, 2024. Amid the review, which included detailed manual examination of documents, it was determined that the attack impacted 316,342 patients. Anna Jaques has revealed that the compromised data includes: - Demographic and medical information - Health insurance details - Social Security numbers - Driver's license numbers - Financial information - Other personal health data.

Response and Support for Affected Individuals

Despite no confirmed cases of fraud linked to the breach, the hospital has been proactive. Starting December 5, 2024, it began notifying affected patients and has urged vigilance in monitoring financial accounts. To mitigate potential risks, Anna Jaques is providing affected individuals with 24 months of identity protection and credit monitoring services through Experian and 1B. Additionally, patients are encouraged to consider fraud alerts or security freezes on their credit to safeguard personal information.

The link has been copied!