Cyber Incident Victim: Rangely District Hospital

On or around April 2020, Rangely District Hospital (RDH) discovered a ransomware attack affecting parts of its computer network. The malware encrypted multiple files, including those containing patient health information and other files required to access certain patient records. Ransomware typically operates by locking data and demanding payment for decryption, but RDH did not comply with any ransom demands. The hospital initiated recovery efforts using backups and other unaffected sources, successfully restoring many compromised files. Forensic investigation found no evidence that attackers exported or viewed files containing personal health information during the incident. Despite these efforts, some electronic records remained permanently inaccessible or unrecovered due to the encryption’s impact.

RDH publicly disclosed the incident via a June 8, 2020 press release and began notifying affected patients the same week. The hospital’s detailed notification clarified that while critical systems were restored from backups, operational disruptions occurred due to the temporary unavailability of encrypted records. Mitigation steps were implemented to prevent recurrence, though the specific technical measures were not enumerated in available sources. The hospital emphasized its commitment to patient privacy but acknowledged lingering data accessibility challenges stemming from unrecoverable files. No further updates regarding final recovery status or additional compromises were reported following the initial disclosure.