
Cyber Incident Victim: Colorado Medical Center

Date: Aug 2021

Location: United States of America

Summary

A Colorado healthcare provider experienced a cybersecurity breach resulting in unauthorized access to sensitive patient data, including names, birth dates, Social Security numbers, driver’s license details, and health information, though medical records remained uncompromised. The incident impacted over 287,000 individuals after attackers infiltrated systems during a multi-day period. A separate breach at a different Colorado entity affected over 52,000 patients through compromised employee email accounts, exposing treatment dates, costs, and account numbers. Both organizations initiated password resets and notified affected individuals following investigations.


Description

South Denver Cardiology Associates, a Colorado-based healthcare provider, suffered a cybersecurity breach impacting over 287,000 patients. The incident began on January 2, 2022, when an unauthorized party gained access to certain network systems. The organization detected the intrusion on January 4 and terminated access by January 5. Forensic investigation confirmed data exfiltration during this three-day period, potentially compromising names, birth dates, driver's license numbers, Social Security numbers, and other patient information. Medical records remained unaffected according to company statements. The organization initiated patient notification procedures approximately three weeks after discovery, though it did not disclose whether ransomware or specific attacker methodologies were involved in the breach. This incident represented the largest confirmed data compromise among three healthcare breaches disclosed in early 2022.


Montrose Regional Health, another Colorado medical provider, experienced unauthorized access to employee email accounts between August 2 and October 26, 2021. The organization discovered the breach nearly two months after the initial intrusion, which affected approximately 52,000 individuals. Exposed data included patient names, account numbers, treatment dates, service costs, and health information. In response, the institution reset all compromised account passwords and initiated breach notifications through official channels. Meanwhile, Alabama-based Norwood Clinic reported a separate breach impacting 228,000 patients from September 20 to October 22, 2021, though this fell outside Colorado's jurisdiction. Collectively, these three incidents across two states exposed sensitive information of more than 500,000 patients, with Colorado accounting for 339,000 affected individuals through its two medical providers. All organizations emphasized ongoing investigations and notification compliance with regulatory requirements.
